gpt4 book ai didi

powershell - 使用Powershell检测修补程序和累积更新

转载 作者:行者123 更新时间:2023-12-02 23:28:24 26 4
gpt4 key购买 nike

我正在使用Powershell小命令“Get-Hotfix”来检测给定服务器的漏洞。这是代码:

if (!(get-hotfix -id KB2964444 -ErrorAction SilentlyContinue)) { echo "Missing!" }

这完美地工作,但是我担心与累积更新有关。如果以后的累积更新包括以前的修补程序,它将被报告为 TRUE(正确的响应)或 Missing!

如果我完整输出 get-hotfix(如下),则看不到任何累积更新(但已应用累积更新),这使我认为单个更新将始终可见。
Source        Description      HotFixID      InstalledBy          InstalledOn
------ ----------- -------- ----------- -----------
WIN-EJ3M07... Update KB2899189_... NT AUTHORITY\SYSTEM 7/3/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2894856 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2918614 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2919355 WIN-EJ3M07TUG3E\A... 3/18/2014 12:00:00 AM
WIN-EJ3M07... Update KB2919442 WIN-EJ3M07TUG3E\A... 3/18/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2920189 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2931366 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Update KB2937220 WIN-EJ3M07TUG3E\A... 3/18/2014 12:00:00 AM
WIN-EJ3M07... Update KB2938772 WIN-EJ3M07TUG3E\A... 3/18/2014 12:00:00 AM
WIN-EJ3M07... Update KB2939153 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Update KB2939471 WIN-EJ3M07TUG3E\A... 3/18/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2939576 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Hotfix KB2949621 WIN-EJ3M07TUG3E\A... 3/18/2014 12:00:00 AM
WIN-EJ3M07... Update KB2950153 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Update KB2954879 NT AUTHORITY\SYSTEM 7/3/2014 12:00:00 AM
WIN-EJ3M07... Update KB2955164 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Update KB2956575 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2957189 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Update KB2958262 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Hotfix KB2959626 NT AUTHORITY\SYSTEM 7/9/2014 12:00:00 AM
WIN-EJ3M07... Update KB2959977 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2961072 NT AUTHORITY\SYSTEM 7/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2962140 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Update KB2962409 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2962872 NT AUTHORITY\SYSTEM 7/15/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2964718 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2964736 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Update KB2965142 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Update KB2965500 NT AUTHORITY\SYSTEM 7/3/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2965788 NT AUTHORITY\SYSTEM 7/3/2014 12:00:00 AM
WIN-EJ3M07... Update KB2966804 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Update KB2967917 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2969339 NT AUTHORITY\SYSTEM 7/3/2014 12:00:00 AM
WIN-EJ3M07... Update KB2969817 NT AUTHORITY\SYSTEM 7/7/2014 12:00:00 AM
WIN-EJ3M07... Update KB2971203 NT AUTHORITY\SYSTEM 7/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2971239 NT AUTHORITY\SYSTEM 8/13/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2971850 NT AUTHORITY\SYSTEM 7/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2972094 NT AUTHORITY\SYSTEM 7/9/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2972280 NT AUTHORITY\SYSTEM 7/9/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2973201 NT AUTHORITY\SYSTEM 7/15/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2973351 NT AUTHORITY\SYSTEM 7/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2973448 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2974008 NT AUTHORITY\SYSTEM 7/9/2014 12:00:00 AM
WIN-EJ3M07... Update KB2975061 NT AUTHORITY\SYSTEM 7/9/2014 12:00:00 AM
WIN-EJ3M07... Update KB2975719 NT AUTHORITY\SYSTEM 10/6/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2976627 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2976897 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2977629 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2977765 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2978668 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2979500 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2979582 NT AUTHORITY\SYSTEM 10/6/2014 12:00:00 AM
WIN-EJ3M07... Update KB2980654 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2981580 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2981655 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2982791 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2982794 NT AUTHORITY\SYSTEM 8/13/2014 12:00:00 AM
WIN-EJ3M07... Update KB2987114 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Security Update KB2988948 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2989647 NT AUTHORITY\SYSTEM 9/24/2014 12:00:00 AM
WIN-EJ3M07... Update KB2990532 NT AUTHORITY\SYSTEM 10/6/2014 12:00:00 AM
WIN-EJ3M07... Update KB2990967 NT AUTHORITY\SYSTEM 9/24/2014 12:00:00 AM
WIN-EJ3M07... Update KB2993100 NT AUTHORITY\SYSTEM 9/24/2014 12:00:00 AM
WIN-EJ3M07... Update KB2993651 NT AUTHORITY\SYSTEM 9/15/2014 12:00:00 AM
WIN-EJ3M07... Update KB2995004 NT AUTHORITY\SYSTEM 10/6/2014 12:00:00 AM
WIN-EJ3M07... Update KB2998527 NT AUTHORITY\SYSTEM 9/24/2014 12:00:00 AM

编辑
最终,我的问题是是否可以查询累积更新中包含的各个修补程序?是否始终显示包含的修补程序(即使已应用了累积更新)?

最佳答案

测试一下,看来您会“遗失”

检查:KB2909921“MS14-010:Internet Explorer的累积安全更新:2014年2月11日”(http://support.microsoft.com/kb/2909921):

PS C:\Windows\System32> get-hotfix -id KB2909921

Source Description HotFixID InstalledBy InstalledOn
------ ----------- -------- ----------- -----------
MyMachine Security Update KB2909921 NT AUTHORITY\SYSTEM

检查:KB2926827“Web浏览器控件托管应用程序可能会意外丢失 session 信息”(包含在上面的CU中; http://support.microsoft.com/kb/2926827)
PS C:\Windows\System32> get-hotfix -id KB2926827
Get-HotFix : This command cannot find hot-fix on the machine 'localhost'. Verify the input and Run your command again.
At line:1 char:11
+ get-hotfix <<<< -id KB2926827
+ CategoryInfo : ObjectNotFound: (:) [Get-HotFix], ArgumentException
+ FullyQualifiedErrorId : GetHotFixNoEntriesFound,Microsoft.PowerShell.Commands.GetHotFixCommand

更新

这是一个痛苦的骇客,可能会有所帮助。不能保证,非常慢,只能找到遵循当前URL约定的KB /按照我的抓取工具假定的格式格式化HTML。
可以通过将结果缓存在某个位置/可能用于构建引用数据库来改进。
function get-hotfixInfo()
{
process
{
#$url = "http://support2.microsoft.com/kb/{0}" -f ($_.HotFixId -replace "KB(\d*)",'$1')
$url = $_.Caption
try
{
$response = (Invoke-Webrequest $url -ea stop)
} catch {
$response = @{
ParsedHTML = @{
Title = "{0}`n`nURL: {1}" -f $error[0].Exception,$url
}
}
}
$html = $response.ParsedHTML
$isCU = $html.title -like "*cumulative*update*"
$kblets = $null
if($isCU) #this bit can be even slower than the above, hence only run if we believe we have a CU
{
$baseUri = $response.BaseResponse.ResponseURI
$kblets = $html.getElementsByTagName('a') `
| ? { ($_.parentNode.tagname -eq 'TD') -and ($_.parentNode.nextsibling.tagname = 'TD') } `
| ? { $_.className -eq 'KBlink' } `
| % { New-Object -TypeName PSObject -Prop @{
Id = "KB{0}" -f $_.innerText
Uri = (new-object System.URIBuilder($baseUri.scheme,$baseUri.dnssafehost,$baseUri.port,($_.href -replace "about:/(.*),'$1'"))).ToString()
Title = $_.parentNode.nextsibling.innerText
}}
}
New-Object -TypeName PSObject -Prop @{
Id = $_.HotFixId
IsCU = $isCU
Title = $html.title
Source = $_.source
Description = $_.description
InstalledBy = $_.installedby
InstalledOn = $_.installedon
Uri = "http://support2.microsoft.com/kb/{0}" -f ($_.HotFixId -replace "KB(\d*)",'$1')
KBlets = $kblets
}
}
}

#get the first 2 cumulative update hotfixes
get-hotfix | get-hotfixInfo | ?{$_.isCU} | select -first 2 | fl

#get the hotfix id for IE11 CU Feb 2014, and it's component hotfixes
get-hotfix -id kb2909921 | get-hotfixInfo | %{ New-Object -TypeName PSObject -Prop @{Id=$_.Id;Title=$_.Title}; $_.KBlets | %{ New-Object -TypeName PSObject -Prop @{Id=$_.Id;Title=$_.Title}}} | ft -autosize

关于powershell - 使用Powershell检测修补程序和累积更新,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26306519/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com