Notification

Icon
Error

Meltdown and Spectre

Posted: Thursday, January 4, 2018 3:57:42 PM(UTC)
Bruce.B

Bruce.B

Member Administration Posts: 492
26
Like
Recently it has become clear that there are some critical vulnerabilities in modern Intel processors. More specific information about this can be found in this article, at the bottom of the article you can find vendor-specific security bulletins.

In the context of these vulnerabilities, Microsoft has created security patches for all supported operating systems, which are Windows 7 SP1, Windows Server 2008R2 SP1 and newer. The report below will list all of your Intel-based Windows computers that have not yet been patched or where this could not be determined.

Microsoft released a guide on how to install updates for Windows 10 computers that don't have the required policies enabled, which can be found here.


Update 8th of January 2018:

-added the already available monthly security rollup KB for Windows 7, 8, 2008, 2012 and 2012R2
Update 10th of January 2018:
-Added computer serial numbers and BIOS versions to the report.
-An alternative report listing both assets that haven't been patched and assets that have been can be found here.
-Removed SQL Code formatting to prevent copy/paste issues using Edge browsers
Update 18th of January 2018:
-Added KB4057144 for Windows 10 1703
Update 22nd of January 2018:
-Added KB4073291 for Windows 10 1709
-Added KB4057142 for Windows 10 1607 and Windows Server 2016
-Added KB4075200 for Windows 10 1511
-Added KB4075199 for Windows 10 initial release version

Instructions for adding this report to your Lansweeper installation can be found here. Our video which includes us adding this report to a Lansweeper installation can be viewed here. If you're getting an invalid select issue when pasting the report, try pasting the report in notepad first or another text editor prior to pasting it in the report builder, some browsers such as Edge may add hidden characters.

For the most accurate report results, make sure your Windows computers have been recently scanned. Going to Assets\Windows in the web console and clicking the Rescan button in the left-hand pane will rescan all items for all your Windows computers, including Windows update information.

Disclaimer: many systems will, in addition to a Windows update, also require a BIOS update which will be model and manufacturer-specific. Installing just the Windows security update may not entirely resolve the vulnerability, though a Windows update will be required in all cases.

Select Distinct Top 1000000 Coalesce(tsysOS.Image,
tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssets.Username,
tblAssets.Userdomain,
tblAssets.IPAddress,
Case When tblErrors.ErrorText Is Not Null Or tblErrors.ErrorText != '' Or
tblAssets.Lastseen Is Null Then 'Not Scanned' Else 'No' End As Patched,
Case When tsysOS.OSname = 'Win 7' Or tsysOS.OSname = 'Win 7 RC' Or
tsysOS.OSname = 'Win 2008 R2' Then 'KB4056897 or KB4056894'
When tsysOS.OSname = 'Win 8.1' Or
tsysOS.OSname = 'Win 2012 R2' Then 'KB4056898 or KB4056895'
When tsysOS.OSname = 'Win 2012' Then 'KB4056899 or KB4056896'
When tblOperatingsystem.Version Like '%10240%' Then 'KB4056893 or KB4075199'
When tblOperatingsystem.Version Like '%10586%' And
(tblOperatingsystem.Caption Like '%Enterprise%' Or
tblOperatingsystem.Caption Like '%Education%') Then 'KB4056888 or KB4075200'
When tblOperatingsystem.Version Like '%14393%' Or
tsysOS.OSname = 'Win 2016' Then 'KB4056890 or KB4057142'
When tblOperatingsystem.Version Like '%15063%' Then 'KB4056891 or KB4057144'
When tblOperatingsystem.Version Like '%16299%' Then
'KB4056892 or KB4073291(x86 only)' Else 'No Patch Available'
End As [Install one of these updates],
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblAssetCustom.Serialnumber,
tblBIOS.SMBIOSBIOSVersion As BIOSVersion,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
tblAssets.Processor,
Case When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then 'Scanning Error: ' +
tsysasseterrortypes.ErrorMsg Else '' End As ScanningErrors,
Convert(nvarchar,DateDiff(day, QuickFixLastScanned.QuickFixLastScanned,
GetDate())) + ' days ago' As WindowsUpdateInfoLastScanned,
Case
When Convert(nvarchar,DateDiff(day, QuickFixLastScanned.QuickFixLastScanned,
GetDate())) >
3 Then
'Windows update information may not be up to date. We recommend rescanning this machine.' Else '' End As Comment,
tblState.Statename As State
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tblOperatingsystem On tblOperatingsystem.AssetID =
tblAssets.AssetID
Left Join tsysIPLocations On tblAssets.IPNumeric >= tsysIPLocations.StartIP
And tblAssets.IPNumeric <= tsysIPLocations.EndIP
Inner Join tblState On tblState.State = tblAssetCustom.State
Left Join (Select Distinct Top 1000000 tblAssets.AssetID As ID,
TsysLastscan.Lasttime As QuickFixLastScanned
From TsysWaittime
Inner Join TsysLastscan On TsysWaittime.CFGCode = TsysLastscan.CFGcode
Inner Join tblAssets On tblAssets.AssetID = TsysLastscan.AssetID
Where TsysWaittime.CFGname = 'QUICKFIX') As QuickFixLastScanned
On tblAssets.AssetID = QuickFixLastScanned.ID
Left Join (Select Distinct Top 1000000 tblAssets.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Inner Join tblAssets On tblAssets.AssetID = tblErrors.AssetID
Group By tblAssets.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Inner Join tblBIOS On tblAssets.AssetID = tblBIOS.AssetID
Where
tblAssets.AssetID Not In (Select Top 1000000 tblQuickFixEngineering.AssetID
From tblQuickFixEngineering Inner Join tblQuickFixEngineeringUni
On tblQuickFixEngineeringUni.QFEID = tblQuickFixEngineering.QFEID
Where tblQuickFixEngineeringUni.HotFixID In ('KB4056897', 'KB4056898',
'KB4056899', 'KB4056893', 'KB4056888', 'KB4056890', 'KB4056891',
'KB4056892', 'KB4056895', 'KB4056896', 'KB4056894', 'KB4057144',
'KB4073291', 'KB4057142', 'KB4075200', 'KB4075199')) And
tsysOS.OSname != 'Win 2000 S' And tblAssets.Processor Like '%intel%'
And tsysAssetTypes.AssetTypename Like 'Windows%' And
tsysOS.OScode Not Like '10.0.17%'
Order By tblAssets.Domain,
tblAssets.AssetName
Bruce.B
#1Bruce.B Member Administration  
posted: 1/4/2018 3:58:37 PM(UTC)
If you have any questions regarding the report, please contact us via email at support@lansweeper.com

Active Discussions

Lansweeper Switch Mac Table
by  adam.jongewaard   Go to last post Go to first unread
Last post: Today at 4:03:08 PM(UTC)
Lansweeper Cant edit Deployment
by  Tomas  
Go to last post Go to first unread
Last post: Today at 2:43:07 PM(UTC)
Lansweeper Adding fields to the user page
by  caverna   Go to last post Go to first unread
Last post: Today at 12:46:24 PM(UTC)
Lansweeper Report for asset IP Location change's
by  Charles.X  
Go to last post Go to first unread
Last post: Today at 11:37:34 AM(UTC)
Lansweeper Force cancel hung delpoyments
by  Charles.X   Go to last post Go to first unread
Last post: Today at 11:26:05 AM(UTC)
Lansweeper Asset import and relationship with "owner"
by  davidk7050  
Go to last post Go to first unread
Last post: 1/19/2018 7:49:19 PM(UTC)
Lansweeper Monthly Helpdesk Reports
by  brigmill   Go to last post Go to first unread
Last post: 1/19/2018 6:26:00 PM(UTC)
Lansweeper Asset Summary Report
by  jbrawley  
Go to last post Go to first unread
Last post: 1/19/2018 6:06:01 PM(UTC)