Microsoft Patch Tuesday Audit – October 2019

Discover All Windows Computers and Their Patch Tuesday October 2019 Status

The audit for the Patch Tuesday of October 2019 provides a color-coded overview of all Windows computers and their Windows patch status. This gives you a quick and easy overview of your patch status and allows you to find devices that might be having issues receiving Microsoft updates. Detect outdated machines, start updating or simply manage your updating process in your network.

Microsoft fixed 59 vulnerabilities in its Windows operating systems and other products with this Patch Tuesday. Including 9 classified as critical. The most noteworthy fixes were for New Technology LAN Manager (NTLM) authentication vulnerabilities (CVE-2019-1166 and CVE-2019-1338) and also two RCE bugs in the VBScript Engine (CVE-2019-1238 and CVE-2019-1239). You can find all the details in our Patch Tuesday blog.

Patch Tuesday Audit Query

Select Distinct Top 1000000 Coalesce(tsysOS.Image,
  tsysAssetTypes.AssetTypeIcon10) As icon,
  tblState.Statename As State,
  Case tblAssets.AssetID
    When SubQuery1.AssetID Then 'Up to date'
    Else 'Out of date'
  End As [Patch status],
    When tblComputersystem.Domainrole > 1 Then 'Server'
    Else 'Workstation'
  End As [Workstation/Server],
  tsysOS.OSname As OS,
    When tsysOS.OScode Like '10.0.10240%' Then '1507'
    When tsysOS.OScode Like '10.0.10586%' Then '1511'
    When tsysOS.OScode Like '10.0.14393%' Then '1607'
    When tsysOS.OScode Like '10.0.15063%' Then '1703'
    When tsysOS.OScode Like '10.0.16299%' Then '1709'
    When tsysOS.OScode Like '10.0.17134%' Then '1803'
    When tsysOS.OScode Like '10.0.17763%' Then '1809'
    When tsysOS.OScode Like '10.0.18362%' Then '1903'
  End As Version,
    When tblErrors.ErrorText Is Not Null Or
      tblErrors.ErrorText != '' Then
      'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
    Else ''
  End As ScanningErrors,
    When tblAssets.AssetID = SubQuery1.AssetID Then ''
    Else Case
        When tsysOS.OSname = 'Win 2008' Then 'KB4520009 or KB4520002'
        When tsysOS.OSname = 'Win 7' Or tsysOS.OSname = 'Win 7 RC' Or
          tsysOS.OSname = 'Win 2008 R2' Then 'KB4520003 or KB4519976'
        When tsysOS.OSname = 'Win 2012' Or
          tsysOS.OSname = 'Win 8' Then 'KB4519985 or KB4520007'
        When tsysOS.OSname = 'Win 8.1' Or
          tsysOS.OSname = 'Win 2012 R2' Then 'KB4519990 or KB4520005'
        When tsysOS.OScode Like '10.0.10240' Then 'KB4520011'
        When tsysOS.OScode Like '10.0.10586' Then 'KB4093109'
        When tsysOS.OScode Like '10.0.14393' Or
          tsysOS.OSname = 'Win 2016' Then 'KB4519998 or KB4519979'
        When tsysOS.OScode Like '10.0.15063' Then 'KB4520010'
        When tsysOS.OScode Like '10.0.16299' Then 'KB4520004 or KB4520006'
        When tsysOS.OScode Like '10.0.17134' Then 'KB4520008 or KB4519978'
        When tsysOS.OScode Like '10.0.17763' Or
          tsysOS.OSname = 'Win 2019' Then 'KB4519338 or KB4520062'
        When tsysOS.OScode Like '10.0.18362' Then 'KB4517389 or KB4522355'
  End As [Install one of these updates],
  Convert(nvarchar,DateDiff(day, QuickFixLastScanned.QuickFixLastScanned,
  GetDate())) + ' days ago' As WindowsUpdateInfoLastScanned,
    When Convert(nvarchar,DateDiff(day, QuickFixLastScanned.QuickFixLastScanned,
      GetDate())) > 3 Then
      'Windows update information may not be up to date. We recommend rescanning this machine.'
    Else ''
  End As Comment,
  Case tblAssets.AssetID
    When SubQuery1.AssetID Then '#d4f4be'
    Else '#ffadad'
  End As backgroundcolor
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tblOperatingsystem On tblOperatingsystem.AssetID =
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblComputersystem On tblAssets.AssetID = tblComputersystem.AssetID
  Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
  Left Join (Select Top 1000000 tblQuickFixEngineering.AssetID
      From tblQuickFixEngineering
        Inner Join tblQuickFixEngineeringUni On tblQuickFixEngineeringUni.QFEID
          = tblQuickFixEngineering.QFEID
      Where tblQuickFixEngineeringUni.HotFixID In ('KB4520009', 'KB4520002',
        'KB4520003', 'KB4519976', 'KB4519985', 'KB4520007', 'KB4519990',
        'KB4520005', 'KB4520011', 'KB4093109', 'KB4519998', 'KB4520010',
        'KB4520004', 'KB4520008', 'KB4519338', 'KB4517389','KB4519979','KB4520006',
'KB4519978','KB4520062','KB4522355')) As SubQuery1 On
    tblAssets.AssetID = SubQuery1.AssetID
  Left Join tsysIPLocations On tblAssets.IPNumeric >= tsysIPLocations.StartIP
    And tblAssets.IPNumeric <= tsysIPLocations.EndIP
  Left Join (Select Distinct Top 1000000 TsysLastscan.AssetID As ID,
        TsysLastscan.Lasttime As QuickFixLastScanned
      From TsysWaittime
        Inner Join TsysLastscan On TsysWaittime.CFGCode = TsysLastscan.CFGcode
      Where TsysWaittime.CFGname = 'QUICKFIX') As QuickFixLastScanned On
    tblAssets.AssetID = QuickFixLastScanned.ID
  Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
        Max(tblErrors.Teller) As ErrorID
      From tblErrors
      Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
  Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
  Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
Where tsysOS.OSname <> 'Win 2000 S' And tsysOS.OSname Not Like '%XP%' And
  tsysOS.OSname Not Like '%2003%' And (Not tsysOS.OSname Like 'Win 7%'
    Or Not tblAssets.SP = 0) And tblAssetCustom.State = 1 And
  tsysAssetTypes.AssetTypename Like 'Windows%'
Order By tblAssets.Domain,


Audit and Take Action in 3 Easy Steps


1. Start Your Lansweeper Trial


2. Scan Your Network


3. Run the Audit & Take Action