Powershell To Fetch Patches Installed in Last 30 Days on Windows System

What is the need for this PowerShell script.

This script is needed when there is a discrepancy reported by vulnerability scan claiming that a set of windows systems are missing particular patch however the centralized patching tool is showing them as installed.
This script could be handy for auditors, control validator/tester to test if patches are installed periodically or to check recently patched dates etc.

Option 1

$cDate = Get-Date # Get the date 30 adys ago
$DaysAgo = $cDate.AddDays(-30) # Get all the Updates installed since 30 days ago
Get-HotFix | Where-Object {$_.InstalledOn -gt $DaysAgo}
$LastPatch = Get-HotFix | Sort-Object InstalledOn -Descending | Select-Object -First 1

Option 2

Get-CimInstance -Class win32_quickfixengineering | Where-Object { $_.InstalledOn -gt (Get-Date).AddDays(-30) }

Option 3

$Hosts = Get-Content -Path '.\hosts.txt' #contains list of hosts

#For each of the hosts in that file, run a command to gather patches installed on those hosts

Invoke-Command -ComputerName $Hosts -ScriptBlock {

Get-HotFix | Where-Object {$_.InstalledOn -gt ((Get-Date).AddDays(-30))

} | Select-Object -Property PSComputerName, Description, HotFixID, InstalledOn

} | Format-Table -AutoSize

| Out-File -Encoding utf8 -FilePath '.\Recent_OS_Updates.txt' -Append

-ErrorAction SilentlyContinue

Comments

MTBF MTTR MTTD

Juniper SRX Firewall: Console To Secondary Node From The Primary Node

In remote management, upstream or downstream interfaces of a network device are configured to accept the console connection such Telnet or SSH. The management traffic flows along with other transiting data traffic thru same interface.

Juniper SRX : Proxy ARP on Juniper SRX

Proxy ARP ( Address Resolution Protocol ) is a technique by which a intermediate network device like router replies to ARP request for a given IP address that is not part of local network. The router acts as a proxy for the destination device to which the host wants to communicate and provides its own MAC address as the reply. Note: Proxy ARP can help devices on a network reach remote subnets without the need to configure routing or a default gateway. Disadvantages of Proxy ARP Proxy ARP can lead to security and performance issues on the network. It poses a security risk by making the network vulnerable to ARP spoofinf attack. In attacks, malicious devices can impersonate proxies. Intercept or modify traffic between devices. It may introduce inconsistency into the network’s topology. Addressing scheme by concealing device locations and identities. Let see when and how proxy ARP is configured in Juniper by answering below questions which often comes to our mind ...

Cyber Security Through Technology Risk Management

Search This Blog