I recently took over a position where I need to address vulnerabilities related to applications running on our servers. It seems like this hasn't been managed properly in the past. Currently, I have about 70 out of 600 servers with outdated versions of Google Chrome installed, some with over 500 known vulnerabilities.
1. The installation of Chrome seems unnecessary for these servers, as it likely came with the initial setup. I'm looking for advice on how to ensure it doesn't get installed during future setups.
2. I also need to remove Chrome, but when I log into the servers, I can't find it listed as an installed program. It might be tied to the user profile of whoever set up the server. How do I go about locating and removing it correctly?
3 Answers
I had a similar issue with another app once. I found the offending file on a user's desktop rather than installed software on the machine itself. Your best bet might be to check user profiles across the affected servers. You could run a PowerShell script to sweep through user directories and find hidden installations.
First off, servers shouldn’t typically have browsers like Chrome on them. But if you need to remove it, check if it was ever installed as a portable app. Look in user profiles or maybe try using a tool like PDQ Deploy to help with bulk uninstalls. Simplifying your server setup to only include necessary applications will save you headaches in the future.
Honestly, I would just recommend uninstalling Chrome entirely. It's not really needed on servers, especially when Edge can handle most requirements. Focus on getting Edge properly configured using group policies instead. It’s much more manageable for enterprise environments. Plus, a lot of issues you’re facing might stem from Chrome not being setup correctly to begin with.
Thanks for the tip! I’ll look into managing Edge better.
That's a smart approach! I'll definitely give that a try.