MS17-010 verify (WannaCry &co.)
Log In or Register to download the BES file, and more.

1 Votes

Versioning - This is the latest version.

1MS17-010 verify all relevant Windows versions5/21/2017 12:32:25 AM
2MS17-010 verify all relevant Windows versions5/24/2017 11:30:19 AM
3MS17-010 verify all relevant Windows versions5/24/2017 2:12:42 PM
4MS17-010 verify (WannaCry &co.)6/6/2017 7:05:39 AM

Description

verify for MS17-010 vulnerability (WannaCry & co.)

version query based on https://support.microsoft.com/de-at/help/4023262/how-to-verify-that-ms17-010-is-installed


Property Details

ID2998568
StatusBeta - Preliminary testing ready for more
TitleMS17-010 verify (WannaCry &co.)
DomainBESC
KeywordsMS017-010 vulenrability (WannaCry & co.) all Windows versions
Added by on 6/6/2017 7:05:39 AM
Last Modified by on 6/6/2017 7:05:39 AM
Counters 2215 Views / 27 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 1 rating. ** Log In or Register to add your rating.

Properties

SMB1_UpToDate
Period Every Report
 
  * Results in a true/false
Show indented relevance
( ( ((name of it = "Win10" OR Name of it = "Win2016" AND build number of it as string = "14393") of operating system) AND it >= "10.0.14393.953" ) OR ( ((name of it = "Win10" AND build number of it as string = "10586") of operating system) AND it >= "10.0.10586.839") OR ( ((name of it = "Win10" AND build number of it as string = "10240") of operating system) AND it >= "10.0.10240.17319") OR ( ((name of it = "WinVista" OR name of it = "Win2008" ) of operating system) AND (it >= "6.0.6002.19743" OR it >= "6.0.6002.24067") ) OR ( ((name of it = "Win7" OR name of it = "Win2008R2") of operating system) AND it >= "6.1.7601.23689") OR ( ((name of it = "Win8" OR name of it = "Win2012" ) of operating system) AND (it >= "6.2.9200.22099")) OR ( ((name of it = "Win8.1" OR name of it = "Win2012R2" ) of operating system) AND (it >= "6.3.9600.18604")) OR ( ((name of it = "Win2003") of operating system) AND (it >= "5.2.3790.6021")) OR ( ((name of it = "WinXP") of operating system) AND (it >= "5.1.2600.7208")) ) of versions of files "srv.sys" of folders "drivers" of native system folders
OS
Period Every Report
 
  * Results in a true/false
Show indented relevance
operating system
SMB1_Ver
Period Every Report
 
  * Results in a true/false
Show indented relevance
version of file "srv.sys" of folder "drivers" of native system folder

Relevance

isWindows (Relevance 1172)
Used in 1066 fixlets and 522 analyses   * Results in a true/false
Show indented relevance
windows of operating system

Sharing

Social Media:
Share this page on Yammer

Comments

Log In or Register to leave comments!
jgstew -
No need to apologize, just a tip. Ugly code that works is better than no code at all. Thanks for your work on this. With the update, it is a lot easier to see the connection between `SMB1_Ver` and `SMB1_UpToDate`
wwan -
jgstew - thank you very much for useful tips, at this point I can just say - sorry for my ugly code :-) new version changed according to your example. Thanks & Best Regards
jgstew -
( ( ((name of it = "Win10" OR Name of it = "Win2016" AND build number of it as string = "14393") of operating system) AND it >= "10.0.14393.953" ) OR ( ((name of it = "Win10" AND build number of it as string = "10586") of operating system) AND it >= "10.0.10586.839") OR ( ((name of it = "Win10" AND build number of it as string = "10240") of operating system) AND it >= "10.0.10240.17319") ) of versions of files "srv.sys" of folders "drivers" of native system folders
jgstew -
If you use plural relevance, you don't have to check for the existence of the file first. You can also combine the relevance differently so you only use the relevance that gets the version of the file once. My next comment will have an incomplete example.
wwan -
WinVista/Win2008 part is replaced. Thank you much for feedback.