Difference between revisions of "MSSecurityEssentials"
From WPKG | Open Source Software Deployment and Distribution
(Added gotchas section) |
m (→Gotchas) |
||
Line 39: | Line 39: | ||
== Gotchas == | == Gotchas == | ||
− | * Soon after installation it can recognise potentially useful software as a threat. For example if you have UltraVNC installed it will flag up UltraVNC.exe and RealVNC.exe. There's a risk that a user, when prompted to quarantine such files, will choose to do so and remove the administrator's ability to connect. | + | * Soon after installation it can recognise potentially useful software as a threat. For example if you have UltraVNC installed it will flag up UltraVNC.exe and RealVNC.exe. There's a risk that a user, when prompted to quarantine such files, will choose to do so and remove the administrator's ability to connect. It would be useful to script the white-listing of specific files that should not be considered a threat. White-listing can be performed maually using: Show details → Recommendation → Select an action → Allow → Apply actions (note that Close means 'don't take any action at this point') → Close - this is saved system-wide. |
− | It would be useful to script the white-listing of specific files that should not be considered a threat. | + | |
− | White-listing can be performed maually using: Show details → Recommendation → Select an action → Allow → Apply actions (note that Close means 'don't take any action at this point') → Close - this is saved system-wide. | + | |
== References == | == References == |
Revision as of 10:22, 19 January 2010
Contents
WPKG Package
This is a silent installer and uninstaller for Microsoft Security Essentials, Windows XP, US English, 32-bit version.
<package
id="microsoft-security-essentials"
name="Microsoft Security Essentials"
revision="2"
reboot="false"
priority="1">
<check
type="uninstall"
condition="exists"
path="Microsoft Security Essentials"/>
<install
cmd='%SOFTWARE%\ms_security_essentials\mssefullinstall-x86fre-en-us-xp.exe /s /runwgacheck' />
<upgrade
cmd='%SOFTWARE%\microsoft-security-essentials\mssefullinstall-x86fre-en-us-xp.exe /s /runwgacheck /o' />
<remove
cmd='%SOFTWARE%\ms_security_essentials\mssefullinstall-x86fre-en-us-xp.exe /s /u'/>
</package>
Note than an upgrade line is required because although the program may update itself (though I'm not certain it does), if you bump the revision number then WPKG will want to run an 'update'.
Installer command-line switches
- /s - perform a silent installation
- /runwgacheck - automatically perform a Windows Genuine Advantage check
- /o - don't automatically run the updater and the system scan after installation - when you then login it may then give a red indicator and say that real time protection is off because virus definition files are out of date. I've had a few differing experiences at this point, either it updates them quickly automatically, or if you click on the system tray icon it tells you it's out of date but then updates it quickly, or it displays this then just waits for you to manually press the 'Update' button.. This is as both an Administrator and as a Restricted User.
Gotchas
- Soon after installation it can recognise potentially useful software as a threat. For example if you have UltraVNC installed it will flag up UltraVNC.exe and RealVNC.exe. There's a risk that a user, when prompted to quarantine such files, will choose to do so and remove the administrator's ability to connect. It would be useful to script the white-listing of specific files that should not be considered a threat. White-listing can be performed maually using: Show details → Recommendation → Select an action → Allow → Apply actions (note that Close means 'don't take any action at this point') → Close - this is saved system-wide.
References
* http://social.answers.microsoft.com/Forums/en/msestart/thread/a944fa0a-db4c-43da-affb-ab21eb9a4d65 * http://social.answers.microsoft.com/Forums/en-US/msestart/thread/56426422-5c5d-4296-a055-421b554f5eee
Updates
Virus Definition Updates
Virus definition updates are automatically downloaded and used.
Program Updates
Does anyone know how it handles program updates? F-Prot, for example, runs as a service so is able to automatically update itself whether or not a user is logged in as an administrator, power user or restricted user.