Remote Silent Install of Adobe
Wednesday, March 24, 2010
I've been trying to crack down on clients that have old versions of Adobe Reader on their machine. Adobe has become one of those necessary evils that is out there and we have to deal with it. This is a write up of installing the latest Adobe Reader version 9 silently with the help of PSExec.
Security
it turns out that Adobe Reader does more than just view a PDF. It renders images, displays text, hooks into your web browser, all of which have been used in attacks vectors in the past. In fact, SANS and others have been recognizing Adobe Reader and other client-side attacks as priority one.
For example, Metasploit, a popular exploitation framework, includes the ability to exploit many of the Adobe Reader flaws by creating custom PDFs which when opened, attack an unpatched version of Adobe Reader to gain access to the system. From there an attacker can easily circumvent your firewall and gain access to a system and the rest of your network.
Remote Silent Install
- Download latest Adobe Reader
- Download and install PSExec
- Create your list of hosts you want to install on [Optional]
- The command:
NOTE: If you want to run on an individual machine use \\HOSTNAME instead of @YOURHOSTS.txt.
Here is a list of the possible switches you can use
- /sAll - Silent mode
- /sPB - Silent mode with a progress bar
- /rs - Reboot suppress
- /rps - Reboot prompt suppress
- /ini"PATH" - Alternative initialization file
- /sl "LANG_ID" - Set Language
- /l - Enable error logging
- /msi - standard MSI command line switches
External Links
http://get.adobe.com/reader/ - Download the latest Adobe Reader
http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx Download PSExec
http://www.sans.org/top-cyber-security-risks/ - SANS Top Cyber Security Risks. Client-side attacks are priority one.
http://cve.mitre.org/ - List of updated Adobe vulnerabilities
I've been trying to crack down on clients that have old versions of Adobe Reader on their machine. Adobe has become one of those necessary evils that is out there and we have to deal with it. This is a write up of installing the latest Adobe Reader version 9 silently with the help of PSExec.
Security
it turns out that Adobe Reader does more than just view a PDF. It renders images, displays text, hooks into your web browser, all of which have been used in attacks vectors in the past. In fact, SANS and others have been recognizing Adobe Reader and other client-side attacks as priority one.
For example, Metasploit, a popular exploitation framework, includes the ability to exploit many of the Adobe Reader flaws by creating custom PDFs which when opened, attack an unpatched version of Adobe Reader to gain access to the system. From there an attacker can easily circumvent your firewall and gain access to a system and the rest of your network.
Remote Silent Install
- Download latest Adobe Reader
- Download and install PSExec
- Create your list of hosts you want to install on [Optional]
- The command:
NOTE: If you want to run on an individual machine use \\HOSTNAME instead of @YOURHOSTS.txt.
Here is a list of the possible switches you can use
- /sAll - Silent mode
- /sPB - Silent mode with a progress bar
- /rs - Reboot suppress
- /rps - Reboot prompt suppress
- /ini"PATH" - Alternative initialization file
- /sl "LANG_ID" - Set Language
- /l - Enable error logging
- /msi - standard MSI command line switches
External Links
http://get.adobe.com/reader/ - Download the latest Adobe Readerhttp://technet.microsoft.com/en-us/sysinternals/bb897553.aspx Download PSExec
http://www.sans.org/top-cyber-security-risks/ - SANS Top Cyber Security Risks. Client-side attacks are priority one.
http://cve.mitre.org/ - List of updated Adobe vulnerabilities