https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357875#M99462 <P>We are experiencing some issue with this, Luckily these users are in test mode but in a couple of days they will be deployed to live.</P><P></P><P>If you see below this is the alert, Do you think its o.k. To create an exception rule for this. What are your thoughts?</P><P></P><P>TESTMODE: The current application 'C:\WINNT\system32\services.exe' (as user NT AUTHORITY\SYSTEM) is trying to execute the new application 'C:\WINNT\system32\msiexec.exe'. The user would have been prompted as to the action to take</P> Sun, 10 Mar 2019 09:24:37 GMT jameswestley 2019-03-10T09:24:37Z https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357875#M99462 <P>We are experiencing some issue with this, Luckily these users are in test mode but in a couple of days they will be deployed to live.</P><P></P><P>If you see below this is the alert, Do you think its o.k. To create an exception rule for this. What are your thoughts?</P><P></P><P>TESTMODE: The current application 'C:\WINNT\system32\services.exe' (as user NT AUTHORITY\SYSTEM) is trying to execute the new application 'C:\WINNT\system32\msiexec.exe'. The user would have been prompted as to the action to take</P> Sun, 10 Mar 2019 09:24:37 GMT https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357875#M99462 jameswestley 2019-03-10T09:24:37Z https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357876#M99464 <HTML><HEAD></HEAD><BODY><P>I guess upgrading to 4.0.3 will resolve the issue.</P></BODY></HTML> Mon, 25 Apr 2005 13:04:07 GMT https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357876#M99464 a-vazquez 2005-04-25T13:04:07Z https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357877#M99465 <HTML><HEAD></HEAD><BODY><P>what a stupid answer..em why ?</P></BODY></HTML> Wed, 27 Apr 2005 11:50:19 GMT https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357877#M99465 jameswestley 2005-04-27T11:50:19Z https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357878#M99466 <HTML><HEAD></HEAD><BODY><P>This is caused when a user logs on and a Windows Installer installed product tries to verify the installation (it's profile specific). Whatever the product is, it's configured to look for the installation files using the msiexec and that's what triggers the installation alert. Unfortunately it's a pretty broad exception you'd have to make to allow it. You might want to look at the app that's causing it first before making an exception.</P><P></P><P>Tom</P></BODY></HTML> Thu, 28 Apr 2005 18:09:05 GMT https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357878#M99466 tsteger1 2005-04-28T18:09:05Z https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357879#M99467 <HTML><HEAD></HEAD><BODY><P>James,</P><P></P><P>I was wondering if you ever got an answer to this message, and if not what you eventually tried. We are seeing the same message on all our clients several times a day.</P><P></P><P>Rusty</P></BODY></HTML> Tue, 13 Dec 2005 19:13:56 GMT https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357879#M99467 rspoon17 2005-12-13T19:13:56Z https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357880#M99468 <HTML><HEAD></HEAD><BODY><P>CSA 4.5 fix this problem with a rule that give services.exe access to the system directory</P><P></P><P>Greg Owens</P></BODY></HTML> Wed, 14 Dec 2005 21:28:26 GMT https://community.cisco.com/t5/network-security/msiexec-issue/m-p/357880#M99468 owensgl 2005-12-14T21:28:26Z