// This is the script to give summary on the main page.
Think IPM

Saturday, May 13, 2017

PSA: Powershell script to find unpatched machines. (WannaCry)

imageI’m not a programmer but PowerShell is really starting to grow on me lately.  Here is a quick script that will see if your servers are properly patched for the WannaCry ransomware exploit.

It’s not super fast but it should do the job.  I’m sure there are PLENTY of improvements to be made to it.  If you make any, please drop me (and everyone else) a note in the comments with your new improved version.

The script takes a file as input with a list of machine names in it (1 per line) and outputs that same server list with any appropriate hotfixes next to them.  Any names without hotfixes next to them should be investigated.

You can add additional hotfixes as they are released to the list below.

# List of all HotFixes containing the patch
$hotfixes = "KB4012212", "KB4019215", "KB4012217", "KB4012218",  "KB4015551", "KB4015552",  "KB4019216", "KB4012216", "KB4015549", "KB4015550", "KB4013429", "KB4019472", "KB4015217", "KB4015438", "KB4016635", "KB4019264"

$listofvms = Read-Host " Full path to VM txt file - (i.e. C:\Carlo\VMS.TXT)"
$guests =  get-content $listofvms

foreach ($guest in $guests) {

# Search for the HotFixes
$hotfix = Get-HotFix -ComputerName $guest | Where-Object {$hotfixes -contains $_.HotfixID} | Select-Object -property "HotFixID"

write-host -foregroundcolor yellow $guest $hotfix



As always with scripts on the internet, your mileage may vary and this script comes with no guarantees AT ALL.  Not responsible if it burns your house down, steals your mate or cancels your health insurance.

blog comments powered by Disqus Blog Widget by LinkWithin