Scanning tool for MS Patches

Scanning tool for MS Patches
Secure Home | Search | About
Login Password
Register Now! Lost Password?

Microsoft Applications Security - Microsoft's general security discussions and announcements 

Bookmark this page:  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
Scanning tool for MS Patches dprivette 10-11-2005
Posted by =?Utf-8?B?ZHByaXZldHRl?= on October 11, 2005, 11:26 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I am in a corporate environment and I am looking for a tool that I can run on
non company laptops such as consultants or vendors that need to connect to
our network that will search for particular (Critical) MS Patches on their
machine. I am looking for something that I can set the criteria to seach for
and something I can run without connecting to the internet in order for the
scan to run. Any suggestions?

Posted by Joseph Bittman MCSD on October 11, 2005, 12:22 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
October 11, 2005

Frankly, I'm not very familiar with tool I'm about to suggest:

Microsoft Baseline Analyzer (or MBSA)... it can scan machines with
criteria you specify *and* you can create an XML file with all the patches
you want to scan for (or that are available anyway) and then have it check
against that file when scanning. For more information about this tool, visit
the microsoft.public.security.baseline_analyzer newsgroup. :) Hope this
helps!

--
Joseph Bittman
Microsoft Certified Solution Developer

Web Site: http://71.39.42.23/
Static IP




>I am in a corporate environment and I am looking for a tool that I can run
>on
> non company laptops such as consultants or vendors that need to connect to
> our network that will search for particular (Critical) MS Patches on their
> machine. I am looking for something that I can set the criteria to seach
> for
> and something I can run without connecting to the internet in order for
> the
> scan to run. Any suggestions?



Posted by Quinten on October 11, 2005, 1:59 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
>I am in a corporate environment and I am looking for a tool that I can run
>on
> non company laptops such as consultants or vendors that need to connect to
> our network that will search for particular (Critical) MS Patches on their
> machine. I am looking for something that I can set the criteria to seach
> for
> and something I can run without connecting to the internet in order for
> the
> scan to run. Any suggestions?

The tool Permission Analyzer gives you a list of all installed software on
the workstations. You can filter on program (hotfix for example) or on
workstation. Just connect your laptop to the LAN and scan the network. The
tool fills an database, so you can work disconnected after the scan. The
tool gets the information out of the registry of the workstations, therefor
you probably need administrator rights.
http://www.PermissionAnalyzer.com



Posted by =?Utf-8?B?ZHByaXZldHRl?= on October 11, 2005, 2:21 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
The point of this scan is to make sure these laptops are properly patched
before they are connected to the network so if I have to have them connected
to do the initial scan that defeats the purpose.

"Quinten" wrote:

> >I am in a corporate environment and I am looking for a tool that I can run
> >on
> > non company laptops such as consultants or vendors that need to connect to
> > our network that will search for particular (Critical) MS Patches on their
> > machine. I am looking for something that I can set the criteria to seach
> > for
> > and something I can run without connecting to the internet in order for
> > the
> > scan to run. Any suggestions?
>
> The tool Permission Analyzer gives you a list of all installed software on
> the workstations. You can filter on program (hotfix for example) or on
> workstation. Just connect your laptop to the LAN and scan the network. The
> tool fills an database, so you can work disconnected after the scan. The
> tool gets the information out of the registry of the workstations, therefor
> you probably need administrator rights.
> http://www.PermissionAnalyzer.com
>
>
>

Posted by Byron Hynes [MS] on October 12, 2005, 2:50 am
If you were  Registered and logged in, you could reply and use other advanced thread options
It also depends on how thoroughly you want to check the system. For example
it's an easy task to write a vbs script that checks for the registry entries
made when patches are applied. This runs very quickly, although you would
have to maintain the list to check for either manually or with some scheduled
action. There are samples of this kind of checking available for the RQC/RQS
quarantine scenarios.

If you want to actually examine the binaries, then the solutions become much
more complex.

If this is for only one or two computers on an occassional basis, connect
them to a network outside your firewall that has internet access (or isolate
them with a $50 home-style router) and have them run microsoft update in
front of you.

Byron Hynes
Windows Server
Microsoft Corporation

http://spaces.msn.com/members/byronphynes

> I am in a corporate environment and I am looking for a tool that I can
> run on non company laptops such as consultants or vendors that need to
> connect to our network that will search for particular (Critical) MS
> Patches on their machine. I am looking for something that I can set
> the criteria to seach for and something I can run without connecting
> to the internet in order for the scan to run. Any suggestions?
>



Similar ThreadsPosted
RE: Scanning tool for KB870669? February 20, 2009, 12:49 pm
Port Scanning December 22, 2006, 3:29 pm
Ad-aware scanning issues October 15, 2005, 9:55 pm
Re: Are we safe from EMP scanning? - tempest.txt (0/1) June 12, 2005, 8:51 am
Scanning with Multifunction device July 24, 2006, 10:54 am
Scanning of encrypted content August 8, 2008, 1:09 pm
Are we safe from EMP scanning? - tempest.txt (0/1) June 7, 2005, 10:30 am
Increased scanning on port 445 (MS SMB) June 23, 2005, 7:20 pm
Open Ports after Port Scanning November 16, 2005, 3:44 pm
Norton AV 2006 scanning all of a sudden July 28, 2006, 11:04 pm

The site map in XML format XML site map

Contact Us | Privacy Policy