|Blade ZipKit Package Info|
|BSA Compatible Version: 8.5.x|
Created by: richard mcleod
|Type: Component Template, BL Package, Batch Job, Discovery, Compliance, Remediation|
|Tested on version: 8.5.01.218|
|Tested on host running: Windows 2008 R2, Windows 2012 R2|
This package creates a Component Template to check whether or not the Windows server in question is vulnerable to the SSL 3.0 bug.
Microsoft Vulnerability Info: https://technet.microsoft.com/en-us/library/security/3009008.aspx
Other supporting info: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
The import will also create the necessary BL Package to remediate the flaw. Further it creates a Discovery, Remediation and Compliance batch job will can be used to auto-remediate servers where the vulnerability exists. In most cases (i've found that the registry key does not exist and there should be no harm in having it added). Remediation is based on the information found in the Microsoft technet article above.
Instructions for Importing the package:
1. Unzip the folder
2. Right Click inside of the Jobs object on a folder and choose Import
3. Step through the mapping sections selecting your destinations for the Component Template, BL Package and Jobs.
Instruction for Executing the batch job: (WARNING: THE BATCH JOB CONTAINS AUTO-REMEDIATION!)
1. Navigate to the folder you chose to import to
2. Right click the SSL_3.0-drc batch job and choose... execute against servers
3. Choose your targets
The batch job will run Discovery against the target (??TARGET.OS?? = Windows)
It will next run Compliance with Auto-Remediation and will deploy the BLPackage if the server is not compliant!
Next it will run a Compliance job to ensure the fix was deployed and the server is compliant.
*THE BATCH JOB WILL EXECUTE AUTO-REMEDIATION BY DEFAULT
**PER MICROSOFT: THE CHANGE REQUIRES A REBOOT TO TAKE EFFECT, THE JOBS LISTED HERE DO NOT EXECUTE A REBOOT