SMS 2003 - Security Vulnerabilities - Broadcom and Centrino Wireless
(Originally posted November 29,2006)
Some of you may have had the recent surprise of the Broadcom and Centrino Wireless vulnerabilities and have wondered how to tackle the problem. Here's what we did to pinpoint the machines.
- Within (Site Settings in the console) Client Agents > Software Inventory Client Agent > Properties
- Add a new file type *.sys
- Set the Path to a “Variable or path name” = %windir%\system32\drivers\ and Search subdirectories
- Make sure all Excludes are unchecked
- Make sure File details and Product details are checked
- Refresh machine policies on all sites where changes are made
- Initiate Software Inventory on all sites where change are made
- Wait for the data to flow up to your reporting sites
- Within (Reporting Website) Software – Files > Computers with a specific file
- Enter the filename for which you are searching. (i.e. for Broadcom wireless – BCMWL5.sys
- When the report is produced, sort by file version and export this report to an Excel spreadsheet
- Eliminate all rows which have a version which is compliant with the new standards
- Create a text file with the list of machine names and eliminate all spaces (reports tend to put spaces in strange places)
- Create a collection with the tool “Collection Adder” with the test file you just created
- Deploy your update to this collection. (each different driver will require a separate collection and deployment of course.)
I hope this helps others trying to tackle this problem.