[gptalk] Re: Forbid IE 8.0 Installation...

  • From: "Darren Mar-Elia" <darren@xxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Mon, 22 Sep 2008 12:49:45 -0700

Hard to say about that approach. The advantage of a hash rule is that you are 
sure you are getting the right-executable. However, since IE 8 is only in beta, 
and since they have different versions for each version of Windows, it could 
get complicated. Would anyone be interested if I could build a command-line 
utility that let you create SRP hash rules in either the local GPO or 
domain-based GPOs based on feeding in a setup file path?





From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On 
Behalf Of Frank
Sent: Monday, September 22, 2008 12:41 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Forbid IE 8.0 Installation...


How about faking a "more recent" version?  What happens if you try to install 
IE when a "newer" version is (allegedly) installed?  --I haven't checked, by my 
first thought was to check the Install conditions on that package, if it does 
come as an MSI.

On Mon, Sep 22, 2008 at 3:30 PM, Darren Mar-Elia <darren@xxxxxxxxxx> wrote:

That would only work if MS has put some kind of hook into the IE 8 setup to
respect a particular reg value. I haven't heard of that yet, though it may



Other related posts: