QuickTime 7.2.0.245 Security Update MSI
Apple was nice enough to provide an MSI to address the vulnerability, and it installs fine over my custom-built 7.2.0.240 package. For some reason, however, it is not showing up in Add/Remove programs (I also enabled the showing of "Security Updates" thinking it might be there, but no luck. The MSI looks fine as well, and I can see that the radial is enabled for Add/Remove programs." I am looking for a way to audit the installation of the package instead of using the System.qts file version or registry key (HKLM\Software\Apple Computer, Inc.\QuickTime\Security Updates) as recommended, and was thinking of using Microsoft SMS to audit the Add/Rem Programs entry instead. Is anyone else having the same issue?
0 Comments
[ + ] Show comments
Answers (12)
Please log in to answer
Posted by:
AngelD
16 years ago
Is the ARPSYSTEMCOMPONENT property set in the "Security Update MSI"?
Are they actually registering the product (can you uninstall it by launching the MSI again)?
Are they actually registering the product (can you uninstall it by launching the MSI again)?
Posted by:
anonymous_9363
16 years ago
I am looking for a way to audit the installation of the package instead of using the System.qts file version or registry key (HKLM\Software\Apple Computer, Inc.\QuickTime\Security Updates) as recommended, and was thinking of using Microsoft SMS to audit the Add/Rem Programs entry instead. Is anyone else having the same issue?In what way 'audit'? Do you want to ensure it's installed?
Posted by:
Skaye
16 years ago
Thanks for the quick reply. ARPSYSTEMCOMPONENT is not listed in the property table.
Posted by:
Skaye
16 years ago
By 'Audit' I simply mean I am looking for a way to track which QuickTime machines have the patch and which machines are still vulnerable.
Posted by:
Skaye
16 years ago
Sorry for the double post - I tried launching "SecUpdQuickTime720.msi" again and it simply ran through the install again - no prompt to change/modify or remove.
Posted by:
anonymous_9363
16 years ago
By 'Audit' I simply mean I am looking for a way to track which QuickTime machines have the patch and which machines are still vulnerable.Well, I don't know SMS at all but, if it were me, I'd have a script walk the AD and be looking at the 'Uninstall' registry entry, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\[QT_patch_product_code], maybe use the 'InstallDate' value...?
Posted by:
Skaye
16 years ago
That's what I want to do basically, but instead using an SMS query to look at that same uninstall key. What's strange is that that key doesn't even exist for this particular MSI, even though the msi shows a product code of "{9D1BEF20-A136-433C-99B9-B6EDC1598C4A}"
Posted by:
anonymous_9363
16 years ago
Well, then, I think you're stuck with using the recommended registry value. If it were me, though, I couldn't resist snapshotting it to see exactly what it gets up to, just to satisfy myself.
Posted by:
AngelD
16 years ago
ORIGINAL: Skaye
That's what I want to do basically, but instead using an SMS query to look at that same uninstall key. What's strange is that that key doesn't even exist for this particular MSI, even though the msi shows a product code of "{9D1BEF20-A136-433C-99B9-B6EDC1598C4A}"
That is why I stated "Are they actually registering the product".
As the product isn't registered when installed the "CurrentVersion\Uninstall\[QT_patch_product_code]" will not get written.
Either add the register related actions or the "Uninstall\[QT_patch_product_code]" registry entries to the MSI.
You can choose to use a transform or directly modify the MSI, as the MSI is not being registered by default the vendor will not be able to create any update/patch for this MSI and therefore any of the options is fair play.
Posted by:
nheim
16 years ago
Hi folks,
a quick glance at this MSI shows, that Apple made a huge step in the wrong direction with this update (after making a real progress the last few months)!
This thing is a badly crippled MSI.
The absence from ARP comes from the lack of the 'RegisterProduct' action in the 'InstallExecuteSequence' table of this package.
This makes it a zombie, which will not be removable with a standard approach.
This thing is definitley a nogo for a managed environment!
A solution could be, to make an admin install of both the 7.2.0.240 full install and the 7.2.0.245 Security Update.
Then the files from the update are copied over the predecessors in the .240 admin installation.
This should work, because only files are updated.
One could generate a new package code and product code, but keep the upgrade code. With this, the package should stay upgradeable.
Hope this clarifies it a bit.
Regards, Nick
Links:
http://docs.info.apple.com/article.html?artnum=306560
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=15270&cat=1&method=sa/SecUpdQuickTime720.msi
a quick glance at this MSI shows, that Apple made a huge step in the wrong direction with this update (after making a real progress the last few months)!
This thing is a badly crippled MSI.
The absence from ARP comes from the lack of the 'RegisterProduct' action in the 'InstallExecuteSequence' table of this package.
This makes it a zombie, which will not be removable with a standard approach.
This thing is definitley a nogo for a managed environment!
A solution could be, to make an admin install of both the 7.2.0.240 full install and the 7.2.0.245 Security Update.
Then the files from the update are copied over the predecessors in the .240 admin installation.
This should work, because only files are updated.
One could generate a new package code and product code, but keep the upgrade code. With this, the package should stay upgradeable.
Hope this clarifies it a bit.
Regards, Nick
Links:
http://docs.info.apple.com/article.html?artnum=306560
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=15270&cat=1&method=sa/SecUpdQuickTime720.msi
Posted by:
AngelD
16 years ago
You should also add the RegisterUser action to "support" per-user installations as the RegisterProduct action register for per-machine.
Verify that the PublishComponents, MsiPublishAssemblies, PublishFeatures and PublishProduct actions are provided in the MSI to support advertisement and to register the feature states & feature-component mapping.
Verify that the PublishComponents, MsiPublishAssemblies, PublishFeatures and PublishProduct actions are provided in the MSI to support advertisement and to register the feature states & feature-component mapping.
Posted by:
nheim
16 years ago
Hi folks,
the quickest solution could be to substitute the 'InstallExecuteSequence' table with a default one.
A default table can be copied from 'Sequence.msi' which is contained in the Installer SDK.
Use ORCA to export/import the table.
After that, you need to alter the 'LaunchConditions' sequence in this table, to look like this:
LaunchConditions NOT Installed 300
With this, the MSI is registered correctly, shows up in ARP and can be uninstalled.
Hope this helps someone.
Regards, Nick
the quickest solution could be to substitute the 'InstallExecuteSequence' table with a default one.
A default table can be copied from 'Sequence.msi' which is contained in the Installer SDK.
Use ORCA to export/import the table.
After that, you need to alter the 'LaunchConditions' sequence in this table, to look like this:
LaunchConditions NOT Installed 300
With this, the MSI is registered correctly, shows up in ARP and can be uninstalled.
Hope this helps someone.
Regards, Nick
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.