WannaCry ransomware için Gerekli Yamalar Yüklü mü? Nasıl Kontrol Ederim?

Bu hafta sonunun en güncel sorusu için hızlı bir PS paylaşmak istiyorum;

$Hostname = hostname
$hotfixes = “KB4012212”, “KB4012217”, “KB4015551”, “KB4019216”, “KB4012216”, “KB4015550”, “KB4019215”, “KB4013429”, “KB4019472”, “KB4015217”, “KB4015438”, “KB4016635”, “KB4012213”, “KB4012212″
$hotfix = Get-HotFix -ComputerName $Hostname | Where-Object {$hotfixes -contains $_.HotfixID} | Select-Object -property “HotFixID”
if (Get-HotFix | Where-Object {$hotfixes -contains $_.HotfixID} )
{
“Found HotFix: ” + $hotfix.HotFixID
} else {
“Update yüklü değil.”
}

KB4012212 – Windows Server 2008
KB4012212 – Windows Server 2008 R2
KB4012217 KB4015551 KB4019216 – Windows Server 2012
KB4012216 KB4015550 KB4019215 KB4012213 – Windows Server 2012 R2
KB4013429 KB4019472 KB4015217 KB4015438 KB4016635 – Windows Server 2016

Kürşat ARI komut setini geliştirdi ve daha otomatik bir hal aldı, kendisine teşekkür ediyorum;

——Herhangi bir  KBxxxx patch inin bir host üzerinde varolup olmadığının script ile kontrolü———–

 

Kaynak bir .txt üzerindeki hostlardan oluşuyorsa hostname.txt dosyamız aşağıdaki formatlardan birinde olmalı

 

Örnek hostname.txt dosyamızın içeriği

Pc1

Pc2

Pc3

Srv1

Srv2

Srv3

 

#####################################################################################################

cls

 

$Installed=@()

$NotInstalled=@()

$Serverlist=Get-Content c:\temp\hostname.txt

$hotfixes = “KB4012212”,“KB4012217”,“KB4015551”,“KB4019216”,“KB4012216”,“KB4015550”,“KB4019215”,“KB4013429”,“KB4019472”,“KB4015217”,“KB4015438”,“KB4016635”,”KB4012213″,”KB4012214″

 

foreach ($server in $Serverlist) {

 

$Hostname = $server

$hotfix = Get-HotFix -ComputerName $Hostname | Where-Object {$hotfixes -contains $_.HotfixID} | Select-Object -property “HotFixID”

if (Get-HotFix -ComputerName $Hostname | Where-Object {$hotfixes -contains $_.HotfixID} )

{

$Installed+=$Hostname

Write-Host “Bulunan Hotfix:  $($hotfix.HotFixID) $Hostname Sunucusu için bir problem yok” -BackgroundColor Green

} else {

$NotInstalled+=$Hostname

Write-host “$hostname sunucusunda WannaCry için Update yüklü değil.” -BackgroundColor red

}

}

Write-host”Yuklu olanlar—————-”

$Installed

Write-host “—————————-”

Write-host “Yuklu olmayanlar————”

$NotInstalled

Write-host “—————————–”

 

#######################################################################################################

 

Kaynak Active directoryde bulunan hostlar ise

4.satırda bulunan ifade ;

Sadece Windows serverlar için   à Get-ADComputer -filter {OperatingSystem -like “Windows Server*”}|Select-Object DNSHostName

Sadece Windows Clientlar için    à Get-ADComputer -filter {OperatingSystem -notlike “Windows Server*”}|Select-Object DNSHostName

Tüm hostlar için                             à Get-ADComputer -filter * | Select-Object DNSHostName

 

Şeklinde olmalı

 

#######################################################################################################

 

 

cls

 

$Installed=@()

$NotInstalled=@()

$Serverlist= Get-ADComputer -filter {OperatingSystem -like “Windows Server*”}

 

$hotfixes = “KB4012212”,“KB4012217”,“KB4015551”,“KB4019216”,“KB4012216”,“KB4015550”,“KB4019215”,“KB4013429”,“KB4019472”,“KB4015217”,“KB4015438”,“KB4016635”,”KB4012213″,”KB4012214″

 

foreach ($server in $Serverlist) {

 

$Hostname = $server

$hotfix = Get-HotFix -ComputerName $Hostname.DNSHostName | Where-Object {$hotfixes -contains $_.HotfixID} | Select-Object -property “HotFixID”

if (Get-HotFix -ComputerName $Hostname.dnshostname | Where-Object {$hotfixes -contains $_.HotfixID} )

{

$Installed+=$Hostname.DNSHostName

Write-Host “Bulunan Hotfix:  $($hotfix.HotFixID) $($Hostname.dnshostname) Sunucusu için bir problem yok” -BackgroundColor Green

} else {

$NotInstalled+=$Hostname.DNSHostName

Write-host “$($hostname.dnshostname) sunucusunda WannaCry için Update yüklü değil.” -BackgroundColor red

}

}

Write-host”Yuklu olanlar—————-”

$Installed

Write-host “—————————-”

Write-host “Yuklu olmayanlar————”

$NotInstalled

Write-host “—————————–”

 

#######################################################################################################