Version
Cb Response 5.2.x Windows Sensor
Issue
The GPO uninstall/upgrade issues center around installing via .exe and then upgrading via .msi or vice versa. If you try to do this using the 5.2.x version of the windows sensor, it's possible that the upgrade will fail and/or you will end up with duplicate or "orphaned" entries in the Add/Remove Programs dialog. These extra entries shouldn't be anything more than an annoyance. You can follow the below steps for removing the duplicates
Cause
This is caused by a limitation in the Microsoft installer version fields. One of the fields that we were using to hold the build date such as '170223' was actually limited to a maximum value of around 65,000. Due to this, the internal logic of the installer couldn't tell a newer release had a higher version number than an older version, so would bail out of the install/upgrade.
Solution
Workaround
These will delete the duplicate entry created by the MSI installer:
32-bit systems:
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2ADD03FC-5CBA-4BF7-A20B-5CD5B2EA3F4A} |
64-bit systems:
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2ADD03FC-5CBA-4BF7-A20B-5CD5B2EA3F4A} |
Solution
This issue has been addressed in the 5.3.1 sensor release: Cb Response 5.2/5.3 Documentation and Solution Repository
Note: The 5.3.x release is just a patch release labeled as a new minor release so that the MSI installer works properly
This issue is not present in the 6.x release: Cb Response 6.1 Documentation and Solution Repository