Last Build Installed

[miguelfaldutti87]

Hi!
For I can say, it seems that if you have the last build you have all the previous accumulative patchs. But, when you do a systeminfo, you only get the generic build number (17134 in my case).
What I found is that this guy found a way to get this data with PowerShell:
https://gist.github.com/SMSAgentSoftware/78659181ccbe0f59677209f3487d7030#file-get-windowsversion-ps1

When you run the script you get the full OS Build: 17134.619. Once you get it, you can compare and automatically skip previous KB.

I hope this could be helpful for you.

[bitsadmin]

Nice suggestion!

Maybe besides depending on the systeminfo output, we should develop a (PowerShell) collector script which collects all useful information from the local or a remote system which can then be fed into the wes.py script.

[miguelfaldutti87]

I was trying to simplify the powershell script. What I can get is the following python code:

    build = subprocess.Popen(["C:\\WINDOWS\\system32\\WindowsPowerShell\\v1.0\\powershell.exe", "(Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' -Name CurrentBuild).CurrentBuild"], stdout=subprocess.PIPE);
    ubr = subprocess.Popen(["C:\\WINDOWS\\system32\\WindowsPowerShell\\v1.0\\powershell.exe", "(Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' -Name UBR).UBR"], stdout=subprocess.PIPE);
    osbuild = str(build.communicate()[0]) + '.' + str(ubr.communicate()[0])
    osbuild = osbuild.replace('b\'','')
    print(osbuild.replace('\\r\\n\'',''))

So, now you have the full Build into the "osbuild" variable (actually you have it on the print line but.... you understand jaja). Now you have to compare this number with the Windows Catalog I suppouse.
I know that this code is not the most beautiful code in the world so please if you can improve it, please do it!

[dormancygrace]

there is bug (?) in wes. It shows vulnerabilities for "missing" KB, but for Windows 10 and also Server 2016 cumulative updates supersedes previous ones