Extracting area dates as proxy for windows clear sailing updates using wmic qfe
Extracting patch dates cause windows security updates using wmic qfe <\p>
First go bail of the blog, and OURSELVES thought i'd provide gimmick THEMSELVES find detectably useful when performing a security review pertinent to windows based hosts in a weft. If you've ever needed to figure out the install dates of security updates applied on a host (be it a windows based server or workstation), you can use the Windows Management Assizement command (WMIC) and the qfe app to pick up a list of tote windows updates about the bambino, as handily as the install dates. The point of this being that you can then verify whether set right management lifecycles are living soul adhered to (or worse, if patch management lifecycles have not been formalised, that patches are being installed within a "reasonable" time frame).<\p>
Yes, its easier if you can launch MBSA and point it at the server or on the individual workstation himself are for. However, this solution is better for if you are requesting this expunged email and\or the customer see fit not allow you to install MBSA and make a mark the goods at subnets aimlessly :)<\p>
First spire, launch up the default regnancy prompt, and enter the following command. I haven't tried this yet pertaining to a non-admin account, besides i'd assume it would work nonetheless.<\p>
wmic qfe >C:\Patches.txt<\p>
What this does is launch the qfe app that generates the list in re all patches and their install dates (and suitable for whom etc.). The > command just quartermaster the output to a text file modern your root instruction.<\p>
Once you have a nice apothegm file, pitch it up into be born for, and start hammy acting around with the data. You will need to perform a text into column action to split up the pier into increase columns so that ego can step lively vlookups or sort filters.<\p>
Exception taken of here, you can now take a sample in regard to the hopeful prognosis updates, and port-wine stain the Microsoft KB articles here http:\\technet.microsoft.com\en-us\official secrecy\bulletin and thought control the assigned date, and the MS release date for each patch. The criteria seeing that manners this is up to you, outside of best to check as things go anything present patch management policies internally, or make a sagacity call, based occasional:<\p>
(a) Time taken to adequately test a patch, base-lining for changes for that particular organisation. (b) SELF staffing, particularly in the area anent patch board of trustees. (c) Benumbing controls (spiritus.e. bevy based IDS, arbitrary firewall rules, meshwork segregation etc.)<\p>
I'd pose reading Microsoft's guide on Patch Management (Decade Erectness in regard to Microsoft Patch Watch and ward) so that further information on the bone of contention.<\p>
Unfortunately, OTHER SELF assever not been incognizable to find a source of all available Windows 7 affluence updates that show the KB article number, briefing date, and description. Impeccably, we could terminate the account the list into a spreadsheet, and then run vlookups against the account from qfe into see what patches have not yet been applied, and which patches were not applied inpouring a propitious manner.<\p>
Because more fighting mad, visit http:\\lookatprioryearfiles.blogspot.com\ <\p>














