Security – ODBC Vuln 175441

Time to make the doughnuts again, new Security ODBC Vuln 175441 that needs to be mitigated.  Not sure if you ever saw the commercials, but this is where my mind goes sarcastic humor and all.  Whether you’re using ACAS/Tenable/Nessus for security scans, this may show up with your SCOM servers (MS, DB), and PowerBI Report Servers.

Let’s get started to upgrade ODBC

Action:  Security scan shows a new ODBC Vuln 175441, that may impact SCOM or PowerBI Report Server talking with SQL servers.

Start with some documentation, to understand what and why…

Tenable/Nessus Link to vulnerability

Download ODBC v18 here, v17 here

Outline of mitigation steps

What servers are vulnerable

Mitigate vulnerability on affected servers

Verify server Control Panel shows update

Have Security run additional scan to verify resolved

What servers are vulnerable?

We’re focused on the ‘Security – ODBC Vuln 175441’

Begin by looking at your Security scanning tool output (PowerBI report pictured).  I am also showcasing the PowerBI report, as this streamlines what the Security Admin has to provide when System Administrators (sysAdmin) reach out for debug/details.

In my case, I wanted to see what servers are impacted.  The PowerBI Report has a built-in ‘Deep Dive’ tab to see the details from the scan/check.  Click on the Deep Dive Tab, enter the PlugIn ID (175441 for ODBC) and hit enter.  This breaks out what servers are vulnerable.   Assess what servers are yours (my output simplified to show what I own with SCOM and PowerBI 🙂  Looking at the ‘NetBIOS Name’ column.  Alternatively, the admin typically has the scan tool email XLS files.

Mitigate vulnerability on affected servers

Download ODBC v18 here, v17 here

Save to share or common path to put file on affected server(s).

Once moved, login to affected server(s), typically RDP with Local Administrator equivalent admin ID

Open Windows Explorer > Copy ODBC MSI to server

Open PowerShell (as Admin) window > Go to path > Run ODBCMSI

Now the ODBC popup window for install

Note the screenshots and progress prompts

Click ‘I accept’ radio button and then click ‘Next’

Click Next to move beyond the ODBC features screen

Click on Install

Watch progress bar  (maybe 1-2 minutes)

Click Finished

Once the MSI installer window closes, it’s time to verify server Control Panel.

Verify server Control Panel shows update

Click on Start > Control Panel > Programs > Programs and Features

In the top right search bar, type ‘ODBC’ and hit enter to filter results.

Snapshot of Control Panel before

Snapshot of Control Panel after

Hit F5 to refresh screen output

The one question is if version 17 has to be removed to clear vulnerability.  Ran into this scenario with Java, as the update left old versions.

I typically reboot the server to reinitialize server to assess any impacts, as well as boot on the new drivers.   For this instance, I coordinated my July server updates were installed to simplify my admin (as both require reboot!)

Have Security run additional scan to verify resolved

Typically SME has scheduled scans that run weekly, and can run scans on-demand.  Depending on urgency, you can decide whether or not waiting is relevant.

Enjoy!

Microsoft links

Learn article here

Download ODBC v18 here, v17 here