Posts

Showing posts from April, 2022

7-Zip App Vulnerability CVE-2022-29072

In the last day or so, CVE-2022-29072 was released. This is a vulnerability that allows an attacker to use a malformed 7zip archive to gain local administrator rights to a computer. Until an official patch is released, one of the recommended ways to resolve this is to remove the 7-zip.chm file, as it is the help file opened by the Windows help system. We have put together a script to do just that.

    # Enumerate every volume that is not a CD-ROM drive and has a drive letter assigned
    $Vols = Get-Volume |
        Where-Object -Property DriveType -NE "CD-ROM" |
        Where-Object -Property DriveLetter -NE $null

    foreach ($V in $Vols) {
        # Find every copy of 7-zip.chm on the volume, skipping folders that cannot be read
        $Files = (Get-ChildItem -Path ($V.DriveLetter + ":\") -Recurse -File -Filter "7-zip.chm" -ErrorAction SilentlyContinue).FullName
        foreach ($F in $Files) {
            # -LiteralPath keeps paths containing [ ] or * from being treated as wildcards
            Remove-Item -LiteralPath $F -Force
        }
    }

You can plug this script into an SCCM package to deploy to all your systems. Since 7zip offers a portable version and some software uses 7zip as a built-in utility, we made the script scan all volumes on the computer that are not CD-ROM drives and that have a

Latest Software Deployment Scripts

One common issue we face as SCCM Admins is trying to keep common software up to date. Things like Chrome, Firefox, and VSCode always have new updates, and maintaining that across Application deployments and Task Sequences can be tricky. I have started to use some script wrappers to help with this. These scripts can be packaged up as an application and deployed however you need them to be used.

I have created 2 scripts for each application: the first is app.ps1 and the second is install.cmd. The app.ps1 script does all the heavy lifting: it downloads the latest version and installs it, and it finds the string needed to run an uninstall command so that an uninstall action can be provided in Software Center. The install.cmd script is a simple batch script that executes the ps1 script. I have included this to make it easy to create an application for the script as well as provide a simple way for a technician to run the scripts independently of Software Center or SCCM