5 Replies Latest reply on Oct 6, 2012 2:52 PM by rmetzger

    Updating DATs on a Stand-Alone System as a Non-Admin User

      We have a large number of stand-alone systems that require regular AntiVirus updates.  We are currently using Symantec but may have to switch to McAfee.  Symantec was chosen for the sole reason that users can update the virus signatures w/o administrator intervention.

       

      Is there a method to update McAfee DATs w/o privilege escalation?

       

      Thank You,

      PaCook

        • 1. Re: Updating DATs on a Stand-Alone System as a Non-Admin User
          alexn

          Once VSE is installed with administrative priviliges, any user can run updates or may set a schedule for it on a standalone machine.

          1 of 1 people found this helpful
          • 2. Re: Updating DATs on a Stand-Alone System as a Non-Admin User

            I guess I should clarify.  Stand-Alone here is just that...No network connections.  No Internet.  Systems are setup with the NIC removed and/or disabled.

            The ony method I know of for manual update is the SDAT...But that requires admin access.  Thus the problem.

             

            Thanks

            • 3. Re: Updating DATs on a Stand-Alone System as a Non-Admin User
              alexn

              in this case you will run the DAT exe file by copying in any flash drive, if systems are not connected.DAT file is available

               

              DAT files are available here and anyone can download and save it in externel storage or usb device.

               

              http://www.mcafee.com/apps/downloads/security-updates/security-updates.aspx

              • 4. Re: Updating DATs on a Stand-Alone System as a Non-Admin User

                Most of these devices are locked down pretty tight.  Users cannot run the SDAT because it requires admin access.

                 

                I can make files available to them but I have to have a method that can be accomplished with User Only Access.

                 

                Thanks...PaCook

                • 5. Re: Updating DATs on a Stand-Alone System as a Non-Admin User
                  rmetzger

                  Hi Walter,

                   

                  Walter Cook wrote:

                   

                  Most of these devices are locked down pretty tight.  Users cannot run the SDAT because it requires admin access.

                   

                  I can make files available to them but I have to have a method that can be accomplished with User Only Access.

                   

                   

                  Well, since they are really locked down pretty tight, you may want to consider this strategy:

                   

                  1) Login to the PC as Admin (administrator rights, elevated if Vista or up)

                   

                  2) Schedule a job to run periodically (say every hour or so) that runs a batch file. The credentials of the job needs to be the Admin (rights) account.

                  If this is Vista or up, you may need to disable UAC for this to work.

                   

                  3) Create a batch file, (used in the scheduled job,) that runs the sdatxxxx.exe file. Upon Successful completion of sdatxxxx.exe, the batch job deletes sdatxxxx.exe. This way the batch file simply exits out if the sdatxxxx.exe is not present, at the next scheduled run.

                  If this is Vista or up, you may need to disable UAC for this to work.

                   

                  4) Using the directory defined in your batch file above, copy sdatxxxx.exe to that directory. Then Wait for the next scheduled run. The method of copy can be via USB flash drive, CD, DVD, whatever is available. This can be done by the user at a later time, without Admin rights.

                   

                  I would recommend a check of the sdatxxxx.exe file for a proper and valid signature to ensure the file is not itself infected or altered. I use Sigcheck.exe from http://technet.microsoft.com/en-US/sysinternals to check the signatures of these files.

                   

                  Hope this helps.

                  Ron Metzger