I have been working with LANDesk to get Product Definitions (many call them "patches") for items that are EOL and I am happy to say that they have done for a about a dozen items so far!
Why? Why would I or most others want this? When a product (we'll use Acrobat v7 for our example) goes EOL, that mean Adobe no longer offer vulnerabilities for this product, but it in no way means it is not vulnerable to various exploits.
The way that LANDesk works is based on their being a product definition (patch) that has rules to check for applications, etc, that need to be patched, if found it would would offer to patch the product. With EOL items, there were no patches offered, thus no product definitions were in place to scan against.
With the introduction of the "EOL" definitions, LANDesk now scans for these know EOL items and if found, reports them as vulnerable. The definitions by default do not offer to fix the problem, just report to you the issue. If you were so inclined, you could clone the definition and add your own custom remediation... we will be adding our own removal scripts to uninstall some of these...
Another team at our site runs a third party security scanner and were finding a number of vulnerabilities based on EOL apps and were coming to me asking why we were not patching these and why LANDesk was not detecting them. With LANDesk being our main tool for detection and remediation, my team was caught with egg on our face.
LANDesk will be adding more of these definitions and I want to thank LANDesk for doing this.
I strongly urge all of your to ensure these new EOL items are in your scan folder and that you find a way to act upon the results!
Here's what is in content now:
