Notification

Icon
Error

SWAPGS Report

Posted: Wednesday, August 7, 2019 3:34:46 PM(UTC)
brodiemac

brodiemac

Member Original PosterPosts: 17
0
Like
I got the email about the audit report for this provided by LANSweeper. I copied the code and ran the report but it is all wrong. It shows most of my environment being vulnerable but when researching the vulnerabilities and checking machines marked as vulnerable, they all had the required patches. Anyone else seeing this?
Options
brodiemac
#1brodiemac Member Original PosterPosts: 17  
posted: 8/7/2019 4:37:52 PM(UTC)
So I'm guessing LANSweeper uses the Get-HotFix Powershell command to get the hotfix information as the result of that command matches what is listed for these computers. Since we are using WSUS, there are several that are not listed using this command. I found this article that explains an alternate method of listing hotfixes installed this way. How would I go about integrating this command into LANSweeper to list installed hotfixes from WSUS?
0
Lennart
#2Lennart Member Posts: 4  
posted: 8/8/2019 6:47:15 AM(UTC)
I'm getting several clients marked as missing KB4507453 regarding to the report.
But they are updated to max, and can´t find any more windows updates.
I´m not using WSUS.
Any ideas?
/BR Lennart
0
Esben.D
#3Esben.D Member Administration Posts: 1,765  
posted: 8/8/2019 12:34:42 PM(UTC)
Have you checked whether the report lists assets with outdated data (look in the comments column)?
Might be best to just hit the rescan assets button in the report, just to be safe.

The data itself is taken from the Win32_QuickFixEngineering WMI class.

To check you can run get-wmiobject Win32_QuickFixEngineering in PowerShell
0
Bginchereau
#4Bginchereau Member Posts: 1  
posted: 8/12/2019 2:25:22 PM(UTC)
Originally Posted by: brodiemac Go to Quoted Post
I got the email about the audit report for this provided by LANSweeper. I copied the code and ran the report but it is all wrong. It shows most of my environment being vulnerable but when researching the vulnerabilities and checking machines marked as vulnerable, they all had the required patches. Anyone else seeing this?


The search criteria for the report does not include the all inclusive patches that have been put out.

EX: Win 10 build 1709 - the report looks for KB4507455, but patch KB4507465 REPLACED the previous but still includes the fix. The report shows the machine as out of date due to not looking for the updated patch.

You could go back through the report code and add these new patches, but it would be a lot easier with an update report.
0

Active Discussions

Lansweeper Launch PowerShell remote PSSession
by  Ian   Go to last post Go to first unread
Last post: 8/9/2019 12:07:41 PM(UTC)
Lansweeper lspush smtp direct send
by  Danilo Ferrari   Go to last post Go to first unread
Last post: 8/1/2019 1:39:26 PM(UTC)
Action Delete old user profiles
by  DaveDischord   Go to last post Go to first unread
Last post: 7/30/2019 6:18:28 PM(UTC)
Lansweeper Best way to delete multiple registries
by  Corcos   Go to last post Go to first unread
Last post: 7/25/2019 8:18:23 PM(UTC)
Lansweeper Infopath installer help
by  Dave Ward   Go to last post Go to first unread
Last post: 7/23/2019 3:11:38 PM(UTC)
Lansweeper Top 10 Ticket Types Year To Date
by  LGuth   Go to last post Go to first unread
Last post: 7/10/2019 8:37:48 PM(UTC)
Lansweeper Fonts
by  Spectrum   Go to last post Go to first unread
Last post: 6/25/2019 11:24:19 AM(UTC)
Action Powershell script for WOL on VLAN
by  psmail   Go to last post Go to first unread
Last post: 5/30/2019 12:00:43 AM(UTC)