HFNetChk and the Microsoft Baseline Security Analyzer allow me to scan
a domain and view a list of hotfixes *not* installed on machines. I
want to go one step further and generate a list of all hotfixes
installed on all machines- including the individual hotfixes included
in the rollups. Ideally, I'd also like it to include hotfix q-numbers
included in applied service packs.
Basically, I want to be able to take a given IDS alert from my IDS log, identify the
hotfix(es) that address(es) the issue, and look at an explicit list
for the targeted machine to verify that the fix(es) have been applied.
Ultimately I will do this programmatically as a way to be able to
focus my attention only on attacks that may have compromised my
systems. To do this, however, I need to generate the list of
installed hotfixes first.
HFNetChk allows me to view hotfixes explicitly installed (using the
-history switch), but this only includes hotfixes installed
individually and doesn't enumerate hotfixes included in rollups or
service packs.
Does anyone know of a way for me to generate such a list of installed
hotfixes?
Simon Binder
--
Manager, Information Technology
Glynwood Center
PO Box 157
Cold Spring, NY 10516
845-265-3338 Fax: 845-265-3391
mailto:sbinder (at) glynwood (dot) org [email concealed]
http://www.glynwood.org
HFNetChk and the Microsoft Baseline Security Analyzer allow me to scan
a domain and view a list of hotfixes *not* installed on machines. I
want to go one step further and generate a list of all hotfixes
installed on all machines- including the individual hotfixes included
in the rollups. Ideally, I'd also like it to include hotfix q-numbers
included in applied service packs.
Basically, I want to be able to take a given IDS alert from my IDS log, identify the
hotfix(es) that address(es) the issue, and look at an explicit list
for the targeted machine to verify that the fix(es) have been applied.
Ultimately I will do this programmatically as a way to be able to
focus my attention only on attacks that may have compromised my
systems. To do this, however, I need to generate the list of
installed hotfixes first.
HFNetChk allows me to view hotfixes explicitly installed (using the
-history switch), but this only includes hotfixes installed
individually and doesn't enumerate hotfixes included in rollups or
service packs.
Does anyone know of a way for me to generate such a list of installed
hotfixes?
Simon Binder
--
Manager, Information Technology
Glynwood Center
PO Box 157
Cold Spring, NY 10516
845-265-3338 Fax: 845-265-3391
mailto:sbinder (at) glynwood (dot) org [email concealed]
http://www.glynwood.org
------------------------------------------------------------------------
-----
------------------------------------------------------------------------
------
[ reply ]