iPhone iOS 12.3 iMessage Vulnerability Audit

Find iPhones at Risk to an iMessage Vulnerability

List all devices in your environment that have an outdated iOS version and are therefore vulnerable to CVE-2019-8664. This iMessage vulnerability can lead to iPhones crashing and requiring a complete wipe in order to recover. The reset of the iPhone will also cause data loss of anything that was stored on the iPhone. You can read more about this vulnerability in the iPhone iMessage vulnerability blog post.

You can use the audit below to get an overview of all iPhones within your network and whether they are at risk or not. It is color-coded to provide an easy overview of which devices still need to be updated.

iPhone iOS 12.3 iMessage Vulnerability Query

Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblADusers.Username,
  tsysAssetTypes.AssetTypename As AssetType,
  tblIntuneDevice.Manufacturer,
  tblIntuneDevice.Model,
  tblIntuneDevice.OperatingSystem As OS,
  tblIntuneDevice.OsVersion,
Case
When tblIntuneDevice.Model LIKE '%2G' and tblIntuneDevice.OsVersion = '3.1.3' then 'Up to date'
When tblIntuneDevice.Model LIKE '%3G' and tblIntuneDevice.OsVersion = '4.2.1' then 'Up to date'
When tblIntuneDevice.Model LIKE '%3GS' and tblIntuneDevice.OsVersion = '6.1.6' then 'Up to date'
When tblIntuneDevice.Model LIKE '%4' and tblIntuneDevice.OsVersion = '7.1.2' then 'Up to date'
When tblIntuneDevice.Model LIKE '%4S' and tblIntuneDevice.OsVersion = '9.3.5' then 'Up to date'
When tblIntuneDevice.Model LIKE '%5' and tblIntuneDevice.OsVersion = '10.3.3' then 'Up to date'
When tblIntuneDevice.Model LIKE '%5C' and tblIntuneDevice.OsVersion = '10.3.3' then 'Up to date'
When tblIntuneDevice.Model LIKE '%5S' and tblIntuneDevice.OsVersion > '12.3.0' then 'Up to date'
When tblIntuneDevice.Model LIKE '%6%' and tblIntuneDevice.OsVersion > '12.3.0' then 'Up to date'
When tblIntuneDevice.Model LIKE '%6S%' and tblIntuneDevice.OsVersion > '12.3.0' then 'Up to date'
When tblIntuneDevice.Model LIKE '%SE' and tblIntuneDevice.OsVersion > '12.3.0' then 'Up to date'
When tblIntuneDevice.Model LIKE '%7%' and tblIntuneDevice.OsVersion > '12.3.0' then 'Up to date'
When tblIntuneDevice.Model LIKE '%8%' and tblIntuneDevice.OsVersion > '12.3.0' then 'Up to date'
When tblIntuneDevice.Model LIKE '%X%' and tblIntuneDevice.OsVersion > '12.3.0' then 'Up to date'
else 'Out of date'
End as [Patch Status],
Case
When tblIntuneDevice.Model LIKE '%2G' and tblIntuneDevice.OsVersion = '3.1.3' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%3G' and tblIntuneDevice.OsVersion = '4.2.1' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%3GS' and tblIntuneDevice.OsVersion = '6.1.6' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%4' and tblIntuneDevice.OsVersion = '7.1.2' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%4S' and tblIntuneDevice.OsVersion = '9.3.5' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%5' and tblIntuneDevice.OsVersion = '10.3.3' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%5C' and tblIntuneDevice.OsVersion = '10.3.3' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%5S' and tblIntuneDevice.OsVersion > '12.3.0' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%6%' and tblIntuneDevice.OsVersion > '12.3.0' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%6S%' and tblIntuneDevice.OsVersion > '12.3.0' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%SE' and tblIntuneDevice.OsVersion > '12.3.0' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%7%' and tblIntuneDevice.OsVersion > '12.3.0' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%8%' and tblIntuneDevice.OsVersion > '12.3.0' then '#d4f4be'
When tblIntuneDevice.Model LIKE '%X%' and tblIntuneDevice.OsVersion > '12.3.0' then '#d4f4be'
else '#ffadad'
End as backgroundcolor,
  tblIntuneDevice.SubscriberCarrier,
  tblIntuneDevice.Imei,
  tblIntuneDevice.SerialNumber,
  tblIntuneDevice.EnrolledDateTime,
  tblIntuneDevice.LastSyncDateTime,
  tblAssets.Lastseen,
  tblAssets.Lasttried
From tblAssets
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tblAssetCustom On tblAssetCustom.AssetID = tblAssets.AssetID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblIntuneDevice On tblIntuneDevice.AssetId = tblAssets.AssetID
  Left Join tblADusers On Lower(tblIntuneDevice.EmailAddress) In
    (Lower(tblADusers.email), Lower(tblADusers.UPN))
Where tsysAssetTypes.AssetTypename = 'iPhone' And tblState.Statename = 'Active'
Order By tblAssets.AssetName

 

Audit and Take Action in 3 Easy Steps

Download-Install-Lansweeper

1. Download & Install Lansweeper

Save-and-Run-the-Report

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit

Harness the Power of Reporting