Notification

Icon
Error

Meltdown and Spectre

Posted: Thursday, January 4, 2018 3:57:42 PM(UTC)
Bruce.B

Bruce.B

Member Administration Original PosterPosts: 513
28
Like
Support for modifying this report will end on the 2nd of April 2018, newly released KB after that date will need to be manually added.

Recently it has become clear that there are some critical vulnerabilities in modern Intel processors. More specific information about this can be found in this article, at the bottom of the article you can find vendor-specific security bulletins.

In the context of these vulnerabilities, Microsoft has created security patches for all supported operating systems, which are Windows 7 SP1, Windows Server 2008R2 SP1 and newer. The report below will list all of your Intel-based Windows computers that have not yet been patched or where this could not be determined.

Microsoft released a guide on how to install updates for Windows 10 computers that don't have the required policies enabled, which can be found here.


Update 8th of January 2018:

-added the already available monthly security rollup KB for Windows 7, 8, 2008, 2012 and 2012R2
Update 10th of January 2018:
-Added computer serial numbers and BIOS versions to the report.
-An alternative report listing both assets that haven't been patched and assets that have been can be found here.
-Removed SQL Code formatting to prevent copy/paste issues using Edge browsers
Update 18th of January 2018:
-Added KB4057144 for Windows 10 1703
Update 22nd of January 2018:
-Added KB4073291 for Windows 10 1709
-Added KB4057142 for Windows 10 1607 and Windows Server 2016
-Added KB4075200 for Windows 10 1511
-Added KB4075199 for Windows 10 initial release version
Update 29th of January 2018:
-Added KB4057401 for Windows 8.1 and 2012R2 (preview of monthly roll up)
-Added KB4057400 for Windows 7 and 2008R2 (preview of monthly roll up)
-Added KB4057402 for Windows 2012 (preview of monthly roll up)
Update 13th of February:
-Added KB4058258 for Windows 10 1709
-Added KB4077735 for Windows 10 initial release version
Update 14th of February:
-Added Windows 7 + 2008R2: KB4074598
-Added Windows 8.1 + 2012R2: KB4074594
-Added Windows 2012: KB4074593
-Added Windows 10 1709 (16299): KB4074588
-Added Windows 10 1703 (15063): KB4074592
-Added Windows 10 1607 (14393) + Windows Server 2016: KB4074590
-Added Windows 10 1511 (10586): KB4074591
-Added Windows 10 initial release (10240): KB4074596
Update 7th of March:
-Added Windows 10 1709 (16299): KB4090913
-Added Windows 10 1703 (15063): KB4077528
-Added Windows 10 1607 (14393) + Windows Server 2016: KB4077525
Update 15th of March:
-Added Windows 10 1703 (15063): KB4092077 + KB4088782
-Added Windows 10 1709 (16299): KB4088776
-Added Windows 10 1607 (14393) + Windows Server 2016: KB4088787
-Added Windows 10 1511 (10586): KB4088779
-Added Windows 10 Initial release: KB4088786
-Added Windows 7 SP1 and Server 2008R2 SP1: KB4088875
-Added Windows 8.1 and Windows Server 2012 R2: KB4088876
-Added Windows Server 2012: KB4088877
Update 20th of March:
-Removed Windows 2012R2 and Windows 8.1 (reportedly causes issues):KB4056898
-Added Windows 2012R2 and Windows 8.1: KB4074597 + KB4088879
Update 28th of March:
-Removed Windows 7 and 2008R2 KB4057400, KB4074598, KB4056897 and KB4056894 due to them reportedly causing another vulnerability. (source)

Instructions for adding this report to your Lansweeper installation can be found here. Our video which includes us adding this report to a Lansweeper installation can be viewed here. If you're getting an invalid select issue when pasting the report, try pasting the report in notepad first or another text editor prior to pasting it in the report builder, some browsers such as Edge may add hidden characters.

For the most accurate report results, make sure your Windows computers have been recently scanned. Going to Assets\Windows in the web console and clicking the Rescan button in the left-hand pane will rescan all items for all your Windows computers, including Windows update information.

Disclaimer: many systems will, in addition to a Windows update, also require a BIOS update which will be model and manufacturer-specific. Installing just the Windows security update may not entirely resolve the vulnerability, though a Windows update will be required in all cases.

Select Distinct Top 1000000 Coalesce(tsysOS.Image,
tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssets.Username,
tblAssets.Userdomain,
tblAssets.IPAddress,
Case When tblErrors.ErrorText Is Not Null Or tblErrors.ErrorText != '' Or
tblAssets.Lastseen Is Null Then 'Not Scanned' Else 'No' End As Patched,
Case When tsysOS.OSname = 'Win 7' Or tsysOS.OSname = 'Win 7 RC' Or
tsysOS.OSname = 'Win 2008 R2' Then 'KB4088875'
When tsysOS.OSname = 'Win 8.1' Or
tsysOS.OSname =
'Win 2012 R2' Then
'KB4074597 or KB4056895 or KB4057401 or KB4074594 or KB4088876 or KB4088879'
When tsysOS.OSname =
'Win 2012' Then
'KB4056899 or KB4056896 or KB4057402 or KB4074593 or KB4088877'
When tblOperatingsystem.Version Like '%10240%' Then
'KB4056893 or KB4075199 or KB4077735 or KB4074596 or KB4088786'
When tblOperatingsystem.Version Like '%10586%' And
(tblOperatingsystem.Caption Like '%Enterprise%' Or
tblOperatingsystem.Caption Like '%Education%') Then
'KB4056888 or KB4075200 or KB4074591 or KB4088779'
When tblOperatingsystem.Version Like '%14393%' Or
tsysOS.OSname =
'Win 2016' Then
'KB4056890 or KB4057142 or KB4074590 or KB4077525 or KB4088787'
When tblOperatingsystem.Version Like '%15063%' Then
'KB4056891 or KB4057144 or KB4074592 or KB4077528 or KB4092077 or KB4088782'
When tblOperatingsystem.Version Like '%16299%' Then
'KB4056892 or KB4073291(x86 only) or KB4058258 or KB4074588 or KB4090913 or KB4088776' Else 'No Patch Available' End As [Install one of these updates],
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblAssetCustom.Serialnumber,
tblBIOS.SMBIOSBIOSVersion As BIOSVersion,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
tblAssets.Processor,
Case When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then 'Scanning Error: ' +
tsysasseterrortypes.ErrorMsg Else '' End As ScanningErrors,
Convert(nvarchar,DateDiff(day, QuickFixLastScanned.QuickFixLastScanned,
GetDate())) + ' days ago' As WindowsUpdateInfoLastScanned,
Case
When Convert(nvarchar,DateDiff(day, QuickFixLastScanned.QuickFixLastScanned,
GetDate())) >
3 Then
'Windows update information may not be up to date. We recommend rescanning this machine.' Else '' End As Comment,
tblState.Statename As State
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tblOperatingsystem On tblOperatingsystem.AssetID =
tblAssets.AssetID
Left Join tsysIPLocations On tblAssets.IPNumeric >= tsysIPLocations.StartIP
And tblAssets.IPNumeric <= tsysIPLocations.EndIP
Inner Join tblState On tblState.State = tblAssetCustom.State
Left Join (Select Distinct Top 1000000 tblAssets.AssetID As ID,
TsysLastscan.Lasttime As QuickFixLastScanned
From TsysWaittime
Inner Join TsysLastscan On TsysWaittime.CFGCode = TsysLastscan.CFGcode
Inner Join tblAssets On tblAssets.AssetID = TsysLastscan.AssetID
Where TsysWaittime.CFGname = 'QUICKFIX') As QuickFixLastScanned
On tblAssets.AssetID = QuickFixLastScanned.ID
Left Join (Select Distinct Top 1000000 tblAssets.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Inner Join tblAssets On tblAssets.AssetID = tblErrors.AssetID
Group By tblAssets.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Inner Join tblBIOS On tblAssets.AssetID = tblBIOS.AssetID
Where
tblAssets.AssetID Not In (Select Top 1000000 tblQuickFixEngineering.AssetID
From tblQuickFixEngineering Inner Join tblQuickFixEngineeringUni
On tblQuickFixEngineeringUni.QFEID = tblQuickFixEngineering.QFEID
Where tblQuickFixEngineeringUni.HotFixID In ('KB4074597', 'KB4056899',
'KB4056893', 'KB4056888', 'KB4056890', 'KB4056891', 'KB4056892',
'KB4056895', 'KB4056896', 'KB4057144', 'KB4073291', 'KB4057142',
'KB4075200', 'KB4075199', 'KB4057401', 'KB4057402', 'KB4058258',
'KB4077735', 'KB4074594', 'KB4074588', 'KB4074592', 'KB4074590',
'KB4074596', 'KB4074591', 'KB4090913', 'KB4077528', 'KB4077525',
'KB4092077', 'KB4088782', 'KB4088776', 'KB4088787', 'KB4088779',
'KB4088786', 'KB4088875', 'KB4088876', 'KB4088877', 'KB4088879')) And
tsysOS.OSname != 'Win 2000 S' And tblAssets.Processor Like '%intel%'
And tsysAssetTypes.AssetTypename Like 'Windows%' And
tsysOS.OScode Not Like '10.0.17%'
Order By tblAssets.Domain,
tblAssets.AssetName
Bruce.B
#1Bruce.B Member Administration Original PosterPosts: 513  
posted: 1/4/2018 3:58:37 PM(UTC)
If you have any questions regarding the report, please contact us via email at support@lansweeper.com

Active Discussions

Lansweeper Deployment - Ideas
by  ghelpdesk   Go to last post Go to first unread
Last post: Today at 1:03:22 AM(UTC)
Lansweeper Custom reports in Lansweeper
by  myousufhk  
Go to last post Go to first unread
Last post: 7/21/2018 7:38:55 PM(UTC)
Lansweeper Problem Importing LSPush Files
by  NC_Matt   Go to last post Go to first unread
Last post: 7/20/2018 7:14:37 PM(UTC)
Lansweeper Product update questions
by  Bruce.B   Go to last post Go to first unread
Last post: 7/20/2018 8:26:49 AM(UTC)
Lansweeper Minimum access level needed to scan domain PCs
by  Bruce.B  
Go to last post Go to first unread
Last post: 7/20/2018 8:07:08 AM(UTC)
Lansweeper Suggestion - Change to Installer Packages screen layout
by  ghelpdesk   Go to last post Go to first unread
Last post: 7/20/2018 2:15:29 AM(UTC)
Lansweeper Mail Priority
by  Icebreaker  
Go to last post Go to first unread
Last post: 7/19/2018 6:56:44 AM(UTC)