Internet Explorer XXE Audit

Find All Computers That Are Vulnerable to the Internet Explorer XXE Exploit

Until Microsoft fixes the vulnerability with an update, opening a hostile file can lead to data theft via Internet Explorer. The report below provides an overview of all computers on your network that have the Internet Explorer feature installed that are vulnerable to this exploit. You can find more info about this exploit in our IE XXE vulnerability blog post.

 

Internet Explorer XXE Query

Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tblAssets.Username,
  tblAssets.Userdomain,
  Case
    When tblAssets.AssetID = Feature.AssetID Then 'At Risk'
    Else 'Safe'
  End As [At Risk/Safe],
  Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
  tblAssets.IPAddress,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tsysOS.OSname As OS,
  tblAssets.SP,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  Case
    When tblAssets.AssetID = Feature.AssetID Then '#ffadad'
    Else '#d4f4be'
  End As backgroundcolor
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Left Join tsysOS On tblAssets.OScode = tsysOS.OScode
  Left Join (Select Top 1000000 tblAssets.AssetID
      From tblAssets
        Inner Join tblFeature On tblAssets.AssetID = tblFeature.AssetId
        Inner Join tblFeatureUni On tblFeatureUni.featUniID =
          tblFeature.featUniId
      Where tblFeatureUni.featureCaption Like '%Internet Explorer%') As Feature
    On Feature.AssetID = tblAssets.AssetID
Where tsysOS.OSname Is Not Null And tblState.Statename = 'Active' And
  tsysAssetTypes.AssetTypename = 'Windows'
Order By tblAssets.Domain,
  tblAssets.AssetName

Audit and Take Action in 3 Easy Steps

Download-Install-Lansweeper

1. Download & Install Lansweeper

Save-and-Run-the-Report

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit

Harness the Power of Reporting