Board logo

标题: [技术讨论] PowerShell检查NSA永恒之蓝MS17-010漏洞补丁 [打印本页]
作者: ShowCode    时间: 2017-5-14 10:07     标题: PowerShell检查NSA永恒之蓝MS17-010漏洞补丁

  1. # Windows XP, Windows Vista, Windows 8, Windows Server 2008

  2. Get-HotFix | Where-Object { $_.HotfixID -eq 'KB4012598' } | Format-Table -AutoSize

  3. 

  4. # Windows 7 SP1, Windows Server 2008 R2 SP1

  5. Get-HotFix | Where-Object { $_.HotfixID -eq 'KB4012212' -or $_.HotfixID -eq 'KB4012215' } | Format-Table -AutoSize

  6. 

  7. # Windows 8.1, Windows Server 2012 R2

  8. Get-HotFix | Where-Object { $_.HotfixID -eq 'KB4012213' -or $_.HotfixID -eq 'KB4012216' } | Format-Table -AutoSize

  9. 

  10. # Windows Server 2012

  11. Get-HotFix | Where-Object { $_.HotfixID -eq 'KB4012214' -or $_.HotfixID -eq 'KB4012217' } | Format-Table -AutoSize

  12. 

  13. # Windows 10

  14. Get-HotFix | Where-Object { $_.HotfixID -eq 'KB4012606' -or $_.HotfixID -eq 'KB4013198' -or $_.HotfixID -eq 'KB4013429' } | Format-Table -AutoSize
复制代码
参考信息:
https://technet.microsoft.com/zh-cn/library/security/MS17-010
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
作者: codegay    时间: 2017-5-14 10:20

  1. Get-HotFix : The term 'Get-HotFix' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spellin

  2. g of the name, or if a path was included, verify that the path is correct and try again.

  3. At line:1 char:1

  4. + Get-HotFix | Where-Object { $_.HotfixID -eq 'KB4012606' -or $_.Hotfix ...

  5. + ~~~~~~~~~~

  6.     + CategoryInfo          : ObjectNotFound: (Get-HotFix:String) [], CommandNotFoundException

  7.     + FullyQualifiedErrorId : CommandNotFoundException
复制代码
作者: codegay    时间: 2017-5-14 10:21

ps 6.0
windows 7
作者: ShowCode    时间: 2017-5-14 10:53

回复 3# codegay


你的版本好高,我的 Win 7 + PS 4.0 没问题。试试这个呢:
  1. Get-WmiObject -Query "Select * from Win32_QuickFixEngineering where HotFixID= 'KB4012212'"
复制代码
作者: codegay    时间: 2017-5-14 11:01

6.0是在官方的github下载安装的。。
  1. PS C:\Program Files\PowerShell\6.0.0.17> Get-WmiObject -Query "Select * from Win32_QuickFixEngineering where HotFixID= 'KB4012212'"

  2. Get-WmiObject : The term 'Get-WmiObject' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the s

  3. pelling of the name, or if a path was included, verify that the path is correct and try again.

  4. At line:1 char:1

  5. + Get-WmiObject -Query "Select * from Win32_QuickFixEngineering where H ...

  6. + ~~~~~~~~~~~~~

  7.     + CategoryInfo          : ObjectNotFound: (Get-WmiObject:String) [], CommandNotFoundException

  8.     + FullyQualifiedErrorId : CommandNotFoundException
复制代码
对PS不懂。不知道是怎么回事了。
作者: 老刘1号    时间: 2017-5-14 11:05

表示端口全部关了……
作者: 老刘1号    时间: 2017-5-14 11:11

回复 5# codegay


    Get-WmiObject和Get-HotFix这俩个Cmdlet都没有……
作者: codegay    时间: 2017-5-14 12:03

回复 7# 老刘1号


    不是我不知道没有。
而是我不知道为什么没有。
作者: ShowCode    时间: 2017-5-14 19:01

回复 5# codegay


    6.0现在是Beta版吧,不知道将来GA的版本会怎样。
作者: xxbdh    时间: 2017-5-18 18:57

命令行下用 systeminfo | find "KB4012606" 是不是更简单些?
作者: ShowCode    时间: 2017-5-18 19:33

回复 10# xxbdh


    我的Win7安装KB4012212之后用这个方法查不出来



欢迎光临 批处理之家 (http://www.bathome.net/) Powered by Discuz! 7.2