Good day all.

I recently inherited ownership of a Fortinet EMS server, as well as all the vulnerabilities and at-risk endpoints that come along with it.

I have been working to patch or remove software as much as possible; however, I am noticing some issues with Python and log4net.dll in particular.

Python:
Certain users’ machines show flags for Python CVEs. I have had these users update or uninstall Python if they are not using it. On my machine, uninstalling and downloading a new version cleared the alert. However, this is not the case for some. After completing this task, some users still show scans indicating critical Python CVEs, even though in some instances Python is not on their machine.

I understand there can be remnants, so what would be the best way to ensure all aspects of Python are either removed, or properly patched?

log4net:
Apache log4net has been a pain for me, because the log4net.dll is used by quite a few programs. I used mRemoteNG for RDP sessions, and upon updating log4net.dll, it broke my program.

I have a script that locates instances of this .dll and updates them to the newer version. The script and replacement work, but I do not wish to break other people's programs. Has anyone ever had to patch this particular file?

Conclusion: I am a bit new when it comes to more granular patch management (usually just server and workstation OS patches), so I am looking for best practices, and any advice about performing thorough searches and patching.

Thank you.

6 Spice ups

That is a very old finding; it could be old DLLs. Try searching for the ones noted and remove them. It could also be old registry keys or leftover pieces of the product, where the version number is the reason for the flag.

Other reasons may be:

Remnants of old Python installs (e.g., in AppData, ProgramData, or custom install paths)
Multiple versions installed side-by-side

Start by locating the files

Get-ChildItem -Path C:\ -Recurse -Include python.exe -ErrorAction SilentlyContinue

and checking the registry keys

HKEY_LOCAL_MACHINE\SOFTWARE\Python
HKEY_CURRENT_USER\SOFTWARE\Python

4 Spice ups
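
A read-only inventory that collects, in one pass, the evidence discussed in this thread: Python binaries and registration keys, plus every copy of log4net.dll with its file version. This is an added example, not code from any poster; the WOW6432Node view, the Uninstall key locations and the fixed-drives-only scope are assumptions beyond what the thread lists.

```powershell
# Added example: read-only inventory; nothing is deleted or modified.
# Assumptions: fixed local drives only; run elevated to read other users' profiles.
$patterns = 'python*.exe', 'python*.dll', 'log4net.dll'
$roots = Get-CimInstance Win32_LogicalDisk -Filter 'DriveType=3' |
    ForEach-Object { $_.DeviceID + '\' }

# 1. Files on disk, with the version resource of each copy.
$files = foreach ($root in $roots) {
    Get-ChildItem -Path $root -Recurse -File -Force -Include $patterns -ErrorAction SilentlyContinue |
        ForEach-Object {
            [pscustomobject]@{ Kind = 'File'; Name = $_.Name
                Version = $_.VersionInfo.FileVersion; Location = $_.DirectoryName }
        }
}

# 2. Python registration keys: the two hives named in the reply plus the
#    32-bit view (assumption). Flags InstallPath values whose folder is gone.
$pyKeys = 'HKLM:\SOFTWARE\Python', 'HKCU:\SOFTWARE\Python', 'HKLM:\SOFTWARE\WOW6432Node\Python'
$registry = foreach ($key in ($pyKeys | Where-Object { Test-Path $_ })) {
    Get-ChildItem -Path $key -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -eq 'InstallPath' } |
        ForEach-Object {
            $dir   = $_.GetValue('')   # default value = install directory
            $state = if ($dir -and (Test-Path $dir)) { $dir } else { "$dir (folder missing)" }
            [pscustomobject]@{ Kind = 'Registry'; Name = $_.Name
                Version = ($_.PSParentPath -split '\\')[-1]; Location = $state }
        }
}

# 3. Uninstall entries that survive an incomplete removal (assumed locations).
$uninstall = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
$entries = Get-ItemProperty -Path $uninstall -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like 'Python*' } |
    ForEach-Object {
        [pscustomobject]@{ Kind = 'Uninstall'; Name = $_.DisplayName
            Version = $_.DisplayVersion; Location = $_.PSPath -replace '^.*::', '' }
    }

# One table to compare against the scanner's finding, host by host.
@($files) + @($registry) + @($entries) |
    Sort-Object Kind, Name |
    Format-Table -AutoSize -Wrap
```

The Location column shows which application folder holds each copy of log4net.dll, which is the information needed to decide per application rather than replacing every copy.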

Hi Jay,

Use Microsoft fixit to uninstall the remaining agents completely. Please find the link below.

3 Spice ups

Completed this but the vulnerability is still being flagged.

1 Spice up