Messages

All good, thanks!

Hi.  We've published Adobe Reader/Acrobat manually via Adobe's catalogs and SCUP for years, before we ever had PatchMyPC.  Since PatchMyPC can handle Adobe's products, and now that SCUP is deprecated, we'd like to switch to using PMPC for the Adobe stuff just like we do for all our other third party patching.

What's the best/smoothest way to accomplish this?

My idea here was do do the following, but I'm not sure if I'm overthinking it or missing anything:
1. Expire and republish the last stuff that's still current in SCUP.
2. Sync the Config Manager update point and make sure those updates are showing as expired
3. Add the appropriate Adobe items in the PMPC Publisher settings
4. Modify our ADRs as needed
5. Check in SCCM first thing in the morning, to make sure everything automated overnight as expected
6. Address any issues

Sound good?

Looks like they reverted?  Got this on last night's sync:

Downloaded Hash [0K1ab9d40nkYni8aAK+DRd5u6aU=] Catalog Hash [vf7Bt7gvdyd8jx1AmIPpq9Hd6b0=]

OK, answering my own question for posterity...

It looks like PatchMyPC is actually using the SHA1 hash instead of SHA256 as stated in the previously-linked post, and then presenting the output value in base64 rather than hex.

The file currently coming from their CDN has a SHA1 hash of D0AD5A6FD778D279189E2F1A00AF8345DE6EE9A5 (in hex, e.g. what you'll get back from Get-FileHash or from uploading it to VirusTotal) or 0K1ab9d40nkYni8aAK+DRd5u6aU= (in base64 - note that you can't just b64 encode the hex *string* but have to treat it as an actual hex value to get this).

Not sure what that hash value is.  https://patchmypc.com/forum/index.php?topic=5789.0 says that PMPC uses the SHA256 value, but neither one of those values is SHA256.  Looks more like base64 output. 


SHA256 hash of the file coming from the Akamai CDN right now is 9E881DBF1661FFD8CB0DF0A45D56D7DB8542D47EDEB6D5A1DE44E08AE36931F6, for whatever that's worth.

We're seeing the same error, with the same hash values.

Within the package details menu (right-click show package info...),

The url matches now - not sure if it did before, since... I guess it's a moot point now.  Our latest auto sync was successful after having failed for days.   

We're getting a hash mismatch (Downloaded Hash [Ixjfk62LIXEI4MusD2YhoTMSxZA=] Catalog Hash [PbqzenLoJPrk3u5S2VMLsilTLBQ=]) and the release notes say that "The June (42.6) release was the last release for Productivity Tools for Windows" so not sure where the v43 stuff even is supposed to come from.

What's the best way to handle this?  If the product's really dead, just stop syncing it?

Thanks!

Hi.  We've recently started trying to push updated versions of MBAM, but the links used for v4.x all seem to be dead.  The publishing service gets a 404 every time it runs, and looks like it's trying to pull a version from back in February (component version 1173).  I guess MB moves or removes old version installers.

There've been few component version releases since February, (two in March and one in April - https://support.malwarebytes.com/hc/en-us/articles/1500000240862-Malwarebytes-for-Windows-4-3-0-Release-Notes) but none of those appear to have made it into the PatchMyPC catalog.

The current version as of this morning is component version 1251 and lives at https://data-cdn.mbamupdates.com/web/mb4-setup-consumer/offline/mb4-setup-consumer-4.3.0.216-1.0.1251-1.0.39241.exe

Ahh, In SCUP, did you happen to open the Jabber update, and click the browse button, then browse to your download?
It seems the rules we had were overwritten, and browsing to the MSI file in the edit wizard will do that...

Yep.  We had added the version number to the filename to try to avoid confusion, since Cisco doesn't, and we already had an older version deployed that was using an un-renamed old msi.

Didn't realize that changing the filename reference would cause SCUP to blow out other, completely unrelated metadata.  WTG, Microsoft :\

Thanks for your help on this, Andrew Jimenez!

Ahhh, cool, thanks!

Code Select Expand

<sdp:SoftwareDistributionPackage xmlns="http://www.w3.org/2001/XMLSchema" xmlns:bar="http://schemas.microsoft.com/wsus/2005/04/CorporatePublishing/BaseApplicabilityRules.xsd" xmlns:bt="http://schemas.microsoft.com/wsus/2005/04/CorporatePublishing/BaseTypes.xsd" xmlns:cmd="http://schemas.microsoft.com/wsus/2005/04/CorporatePublishing/Installers/CommandLineInstallation.xsd" xmlns:lar="http://schemas.microsoft.com/wsus/2005/04/CorporatePublishing/LogicalApplicabilityRules.xsd" xmlns:msi="http://schemas.microsoft.com/wsus/2005/04/CorporatePublishing/Installers/MsiInstallation.xsd" xmlns:msiar="http://schemas.microsoft.com/wsus/2005/04/CorporatePublishing/MsiApplicabilityRules.xsd" xmlns:msp="http://schemas.microsoft.com/wsus/2005/04/CorporatePublishing/Installers/MspInstallation.xsd" xmlns:sdp="http://schemas.microsoft.com/wsus/2005/04/CorporatePublishing/SoftwareDistributionPackage.xsd" xmlns:uei="http://schemas.microsoft.com/wsus/2005/04/CorporatePublishing/Installers/UpdateExeInstallation.xsd" xmlns:usp="http://schemas.microsoft.com/wsus/2005/04/CorporatePublishing/UpdateServicesPackage.xsd" xmlns:drv="http://schemas.microsoft.com/wsus/2005/04/CorporatePublishing/Installers/WindowsDriver.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" SchemaVersion="1.2">
  <sdp:Properties PackageID="5eef58f4-8326-4b59-af7c-77c2246f485f" CreationDate="2021-03-30T19:38:35.021Z" VendorName="Patch My PC" PublicationState="Expired" CanSourceBeRequired="false" UpdateType="Software">
    <sdp:MoreInfoUrl>https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/12_9/cjab_b_release-notes-cisco-jabber-129/cjab_b_release-notes-cisco-jabber-129_chapter_010.html#topic_AC7A6166389ABA7714A073B3C2CA7CE2</sdp:MoreInfoUrl>
    <sdp:SupportUrl>https://www.cisco.com/c/en/us/support/unified-communications/jabber-windows/tsd-products-support-series-home.html</sdp:SupportUrl>
    <sdp:ProductName>SCUP Updates</sdp:ProductName>
  </sdp:Properties>
  <sdp:LocalizedProperties>
    <sdp:Language>en</sdp:Language>
    <sdp:Title>Cisco Jabber 12.9.5.55511</sdp:Title>
    <sdp:Description>This release contains bug fixes, enhancements &amp; security fixes. See "More info URL/Help document" for the full release notes details.</sdp:Description>
  </sdp:LocalizedProperties>
  <sdp:UpdateSpecificData MsrcSeverity="Critical" UpdateClassification="Security Updates">
    <sdp:SecurityBulletinID>PMPC-2021-03-26</sdp:SecurityBulletinID>
    <sdp:KBArticleID>PMPC-2021-03-26</sdp:KBArticleID>
  </sdp:UpdateSpecificData>
  <sdp:SupersededPackages>
    <sdp:PackageID>b35befc1-febf-404d-ad46-2916ebc570c2</sdp:PackageID>
    <sdp:PackageID>2166d7ac-ef55-4fde-b11c-0f80d3315a5f</sdp:PackageID>
    <sdp:PackageID>15e2970a-37f4-4283-b0a1-7321a5818edb</sdp:PackageID>
    <sdp:PackageID>42773bfa-0192-4555-92f8-bfc285031948</sdp:PackageID>
    <sdp:PackageID>38d155e3-e16f-4278-ac4c-8fcae01744e1</sdp:PackageID>
    <sdp:PackageID>352d8d4b-65ec-4e5e-a8fa-dc8451269f58</sdp:PackageID>
    <sdp:PackageID>68069588-150b-4bdf-a2f8-1d24e01fa31e</sdp:PackageID>
    <sdp:PackageID>c4933fe2-f737-463e-b2bd-b8393af111cb</sdp:PackageID>
  </sdp:SupersededPackages>
  <sdp:InstallableItem ID="cb683082-119b-49c4-a0df-a8598c3c1ec6">
    <sdp:ApplicabilityRules>
      <sdp:IsInstalled>
        <msiar:MsiApplicationInstalled />
      </sdp:IsInstalled>
      <sdp:IsSuperseded>
        <msiar:MsiApplicationSuperseded />
      </sdp:IsSuperseded>
      <sdp:IsInstallable>
        <msiar:MsiApplicationInstallable />
      </sdp:IsInstallable>
      <sdp:Metadata>
        <msiar:MsiApplicationMetadata>
          <msiar:ProductCode>{a17cad61-815c-42aa-b6e7-76afef2c9311}</msiar:ProductCode>
        </msiar:MsiApplicationMetadata>
      </sdp:Metadata>
    </sdp:ApplicabilityRules>
    <sdp:InstallProperties CanRequestUserInput="false" RequiresNetworkConnectivity="false" Impact="Normal" RebootBehavior="CanRequestReboot" />
    <msi:MsiInstallerData ProductCode="{00000000-0000-0000-0000-000000000000}" MsiFile="CiscoJabberSetup12.9.5.msi" CommandLine="REBOOT=ReallySuppress" />
    <sdp:OriginFile Digest="4mSG6MRBaMKynmvNp6Xc4rD3z9g=" FileName="CiscoJabberSetup12.9.5.msi" Size="159169536" Modified="2021-03-29T14:38:37.003Z" OriginUri="\\LocalHost\PatchMyPCRepository\CiscoJabberSetup12.9.5.msi"></sdp:OriginFile>
  </sdp:InstallableItem>
</sdp:SoftwareDistributionPackage>

Nope.  That looks like it's referencing the PatchMyPC publishing tool, I'm guessing?  We're using SCUP, and the "Installable Rules" just shows "WSUS Generated MSI installable rule (read only)" with no way I can find yet to see what it actually is.

Hi.  Not sure if we're an anomaly or what, but the most recent Jabber update, 12.9.5.xxxxx, which initially was dependent on having the msi in the local repository, seems to have bad applicability logic.  After deploying it, it didn't just update those workstations that had old versions, it installed on EVERY workstation - even ones that had not Jabber install, prior.

Might be bad metadata?  We're now seeing two instances of supposed 41.3.4.5, but the download for the newer one appears to actually be the installer for 41.3.5.8.

• Catalog from the 17th (120.62MB, msi signed on the 11th, MD5 = 379C9A822C918F0D3E681A7689E40413, SHA256 = 5631F17F4155FFA81AA43F71F5927D090D0CDEBB7676CEAC3AB8D7B16121F925 )
  
• Catalog from the 23rd - we have not published this one yet, but downloading from the link associated with it gets a different msi file (120.58MB, msi signed on the 19th, MD5 = 6A5C6930275DEDF9809A732DC3D1B45F, SHA256 = 198FE4E80F3F4760B0C1DC127A3399FCE08389E906690F82B33C79A96E34CD93, and internal properties say it's 41.3.5.8 )

Newer one is marked as superseding the one from the 17th/11th.

Cisco's site lists the release from the 19th as version 41.3.5, not 41.3.4.