Discover Android Devices with an Outdated Security Patch Level
Discover devices in your IT environment that have an outdated security patch level. Every month, Google released a new Android security update which contains details of all the security-related issues that are being fixed in that month's security update. Mobile devices contain some of the most sensitive information, therefore it is critical the latest security patches are applied if possible.
Lansweeper scans mobile devices using Microsoft Intune and with it, retrieves the security patch level of Android devices. In the July 2019 security update, 33 vulnerabilities were found, 9 of which had a critical severity rating. You can find more information about in the July 2019 security patch update blog post.
Android Security Update Query
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblADusers.Username,
tsysAssetTypes.AssetTypename As AssetType,
tblIntuneDevice.Manufacturer,
tblIntuneDevice.Model,
tblIntuneDevice.OperatingSystem As OS,
tblIntuneDevice.OsVersion,
tblIntuneDevice.AndroidSecurityPatchLevel As [Security Patch Level],
Case
When GetDate() >= DateAdd(month, DateDiff(month, 0, GetDate()), 4)
And Cast(tblIntuneDevice.AndroidSecurityPatchLevel As datetime) >=
DateAdd(month, DateDiff(month, 0, GetDate()), 4) Then 'Up to date'
When GetDate() < DateAdd(month, DateDiff(month, 0, GetDate()), 4) And
Cast(tblIntuneDevice.AndroidSecurityPatchLevel As datetime) >
DateAdd(month, DateDiff(month, 0, GetDate() - 30), 4) Then 'Up to date'
Else 'Out of date'
End As [Security Patch Status],
Case
When GetDate() >= DateAdd(month, DateDiff(month, 0, GetDate()), 4)
And Cast(tblIntuneDevice.AndroidSecurityPatchLevel As datetime) >=
DateAdd(month, DateDiff(month, 0, GetDate()), 4) Then '#d4f4be'
When GetDate() < DateAdd(month, DateDiff(month, 0, GetDate()), 4) And
Cast(tblIntuneDevice.AndroidSecurityPatchLevel As datetime) >
DateAdd(month, DateDiff(month, 0, GetDate() - 30), 4) Then '#d4f4be'
Else '#ffadad'
End As backgroundcolor,
tblIntuneDevice.SubscriberCarrier,
tblIntuneDevice.Imei,
tblIntuneDevice.SerialNumber,
tblIntuneDevice.EnrolledDateTime,
tblIntuneDevice.LastSyncDateTime,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tblAssetCustom On tblAssetCustom.AssetID = tblAssets.AssetID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblIntuneDevice On tblIntuneDevice.AssetId = tblAssets.AssetID
Left Join tblADusers On Lower(tblIntuneDevice.EmailAddress) In
(Lower(tblADusers.email), Lower(tblADusers.UPN))
Where tsysAssetTypes.AssetTypename = 'Android' And tblState.Statename = 'Active'
Order By tblAssets.AssetName