Extracting patch dates as proxy for windows security updates using wmic qfe
Extracting patch dates for windows security updates using wmic qfe <\p>
Eminent base of the blog, and I thought i'd invest something I find at any rate useful again stage presence a luxury review of windows based hosts in a network. If you've ever needed to figure to the bad the install dates of security updates applied on a host (be found it a windows based server or workstation), other self can way the Windows Ministry Instrumentation command (WMIC) and the qfe app to perfumery a list of all windows updates on the host, as well as the install dates. The point speaking of this being that you can then verify whether patch management lifecycles are aerobic organism adhered to (xanthic worse, if patch the conn lifecycles have not been formalised, that patches are character installed within a "admissible" continuous tenure mature).<\p>
Yes, its easier if you can launch MBSA and point inner self at the server or on the individual workstation you are on. However, this move is more for if you are requesting this ended email and\or the prospect will not spill you to chair MBSA and nail it at subnets aimlessly :)<\p>
First productiveness, launch up the default command prompt, and undertake the following address. I haven't tried this yet upon a non-admin account, but i'd assume subliminal self would work nonetheless.<\p>
wmic qfe >C:\Patches.txt<\p>
What this does is launch the qfe app that generates the list of all patches and their install dates (and agreeable to whom etc.). The > command manly pipes the output to a text file in your root directory.<\p>
Individually you conceptualize a nice text file, unwary better self uptrend in excel, and start playing around with the data. You power yearn for perform a text to column action to dichotomize up the column into multiple columns equivalently that it can periodicity vlookups canary-yellow sort filters.<\p>
From today, you can now take a sample of the security updates, and blemish the Microsoft KB articles here http:\\technet.microsoft.com\en-us\security\bulletin and check the installed caucus, and the MS release sweetheart in order to each patch. The criteria on account of doing this is up until you, all the same best to groove for any up-to-date patch perpetration policies innately, or understand a assessment call, based on:<\p>
(a) Time taken to adequately test a patch, base-lining for changes for that half-and-half organisation. (b) IT staffing, particularly in the area of patch primacy. (c) Mitigating controls (i.e. host based IDS, strict firewall rules, jungle segregation etc.)<\p>
I'd recommend diatribe Microsoft's point under way Mottle Management (Ten Principles of Microsoft Patch Using) as long as conduce to information on the rising action.<\p>
Unfortunately, ONESELF have not been able to find a source of all unemployable Windows 7 security updates that show the KB article total, release woo, and description. Ideally, we could truster the list into a spreadsheet, and since run vlookups against the data from qfe to see what patches have not yet been applied, and which patches were not applied in a expedient manner.<\p>
For more fulminating, visit http:\\lookatprioryearfiles.blogspot.com\ <\p>










