cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
587
Views
0
Helpful
3
Replies

Patchlink and CSA - How can they operate together?

bethtyler
Level 1
Level 1

We have been going round and round about this problems for months. We have found that the best way to patch our environment and get around CSA is to turn CSA off. We are utilizing patchlink currently for our method to patch. Is there any way we can get around turning off CSA and be able to patch with patchlink?

3 Replies 3

tsteger1
Level 8
Level 8

I don't know what CSA rules and policies you are using but we were able to do this by creating a Patchlink app class and allowing it to do what it needed.

Specifically, the Patchlink application (dagent.exe) when run from the proper folder is allowed to:

Access all applications and files

Process downloaded content

Access all COM components

Hosts are also allowed to accept connections from the Patchlink server.

This worked for us.

Tom S

Hi,

We are having the same problem. Patchlink patches are dumped in "C:\Windows\Temp" and have different names all the time. It looks something like this:

"The process 'C:\WINDOWS\TEMP\WindowsXP-KB887472-x86-SP1-PTB.exe' (as user NT INSTANS\SYSTEM) tried to open/create the file 'C:\faebc7447883ada5faf82b\sp1qfe\msmsgs.exe' and was denied."

Next time it can be a completely different .EXE file. Is there a way to solve this?

Kind regards,

Rutger

jan.nielsen
Level 7
Level 7

You might also wan't to only allow Patchlink to run as domain admin and then load your policy with that defined user state