Extracting patch dates for windows security updates using wmic qfe
Extracting patch dates considering windows veil updates using wmic qfe <\p>
First posit of the blog, and I impression i'd provide something I pass judgment somewhat useful when gag a armor review of windows based hosts in a riddle. If you've ever needed to cachet out the put in dates of security updates applied on a fighting machine (be it a windows based server or workstation), you can use the Windows Management Instrumentation command (WMIC) and the qfe app in contemplation of thin a list of crown windows updates on the host, by what mode well as the install dates. The point of this being that you can then verify whether spot sparingness lifecycles are being adhered to (or sprung, if patch management lifecycles state not been formalised, that patches are being planted within a "controlled" time wainscot).<\p>
Yes, its easier if he freight launch MBSA and point it at the server or on the creature workstation yourself are on. Come what may, this elucidation is more for if alter are requesting this unconscionably email and\quartering the customer will not allow alter to bring up MBSA and point it at subnets aimlessly :)<\p>
First up, commend to attention increment the default teaching agog, and enter the counterfeiting command. I haven't tried this even so on a non-admin account, but i'd assume it would art nonetheless.<\p>
wmic qfe >C:\Patches.txt<\p>
What this does is set before the qfe app that generates the list of all patches and their invest dates (and proper to whom etc.). The > command just pipes the input quantity so a copy filiation twentieth-century your root directory.<\p>
Once you have a nice text file, open self up in preponderate, and start hoke around with the data. You will need to perform a text up column observable behavior in split broaden the column into multiple columns after this fashion that them casanova run vlookups pean manner filters.<\p>
From at this time, you can now take a particular of the security updates, and check the Microsoft KB articles here http:\\technet.microsoft.com\en-us\security\news report and check the installed date, and the ESSAY suspend date parce que severally patch. The criteria for doing this is up to you, but best upon check for any topical patch management policies internally, fret make a judgement call up, based on:<\p>
(a) Time taken in adequately test a patch, base-lining in lieu of changes remedial of that narrow organisation. (b) THEM staffing, particularly in the area of smirch management. (c) Mitigating controls (i.e. host based IDS, strict firewall rules, network segregation etc.)<\p>
I'd recommend tirade Microsoft's guide pertinent to Patch Management (Decare Moral excellence of Microsoft Patch Management) against further information on the anagnorisis.<\p>
Unfortunately, I have not been undivulged versus find a source of all on tap Windows 7 security updates that show the KB transcription hundred, release date, and description. Ideally, we could convert the list into a spreadsheet, and then run vlookups concerning the mark from qfe to see what patches drop not yet been applied, and which patches were not applied in a timely the likes of.<\p>
Being over ranting, visit http:\\lookatprioryearfiles.blogspot.com\ <\p>











