MSXML4 vulnerability detection script

Document created by curtvprice Champion on Oct 1, 2015Last modified by curtvprice Champion on Oct 2, 2015
Version 4Show Document
  • View in full screen mode

This little python script detects the MSXML4 vulnerability. If it finds it you may want to update to 10.3.1 or later and run this Script to remove MSXML4 silently


##  To check for MSXML4 vulnerability,
##  paste this code into ArcMap's Python window
##  or run with:
##  C:\Python27\ArcGIS10.x\python.exe <script_name>
##  (The path includes the version: 10.1, 10.2, 10.3)
import os
import arcpy
ia = arcpy.GetInstallInfo("desktop")
print("\nMSXML4 Vulnerability Check\n")
ARCVER = ia["Version"]
print("ArcGIS {}, installed {} by {}".format(ARCVER, ia["InstallDate"], ia["Installer"]))
if ARCVER > "10.3":
    print("Congratulations. No ArcGIS vulnerability exists for 10.3.1 and later.")
    print("** ArcGIS MSXML4 vulnerability exists for " +
          "ArcGIS Desktop 10.3 and earlier. (This is {})".format(ARCVER))
print("\nChecking for MSXML4 components...")
f1 = os.environ["WINDIR"] + "/system32/msxml4.dll"
f2 = os.environ["SystemRoot"] + "/SysWow64/msxml4.dll"
if os.path.exists(f1):
    print("** Found {}".format(f1))
if os.path.exists(f2):
    print("** Found {}".format(f2))
if os.path.exists(f1) or os.path.exists(f2):
    print("MSXML4 components found! Uninstall MSXML4 to remove vulnerability.")
    print("No MSXML4 components found.")