How to generate list of patches installed?

From: Simon R. Binder (sbinder_at_glynwood.org)
Date: 07/09/03

  • Next message: Shay Wilson: "RE: investigating misuse of the internet" 
    Date: Wed, 9 Jul 2003 12:50:36 -0400
To: Focus-MS <focus-ms@securityfocus.com>

    Hi, folks-

    HFNetChk and the Microsoft Baseline Security Analyzer allow me to scan
    a domain and view a list of hotfixes *not* installed on machines. I
    want to go one step further and generate a list of all hotfixes
    installed on all machines- including the individual hotfixes included
    in the rollups. Ideally, I'd also like it to include hotfix q-numbers
    included in applied service packs.

    Basically, I want to be able to take a given IDS alert from my IDS log, identify the
    hotfix(es) that address(es) the issue, and look at an explicit list
    for the targeted machine to verify that the fix(es) have been applied.
     Ultimately I will do this programmatically as a way to be able to
    focus my attention only on attacks that may have compromised my
    systems. To do this, however, I need to generate the list of
    installed hotfixes first.

    HFNetChk allows me to view hotfixes explicitly installed (using the
    -history switch), but this only includes hotfixes installed
    individually and doesn't enumerate hotfixes included in rollups or
    service packs.

    Does anyone know of a way for me to generate such a list of installed
    hotfixes?

    Simon Binder 

    -- 
Manager, Information Technology
Glynwood Center
PO Box 157
Cold Spring, NY 10516
845-265-3338 Fax: 845-265-3391
mailto:sbinder@glynwood.org
http://www.glynwood.org
-----------------------------------------------------------------------------
------------------------------------------------------------------------------
  • Next message: Shay Wilson: "RE: investigating misuse of the internet"

    Relevant Pages
    • Quantcast