Important Notice: On February 29th, this community was put into read-only mode. All existing posts will remain but customers are unable to add new posts or comment on existing. Please feel to join our Community Discord for any questions and discussions.

Meltdown-spectre patch collections

Please could we could a collection in Inventory that shows which computers are and which aren't patched against the meltdown-spectre vulnerabilities.

 

2

Comments

2 comments
Date Votes
  • This may prove difficult right now as patches are still coming out for various parts of these exploits almost daily still. It is also important to draw a line between the Operating System level patches and the Hardware (microcode) type patches from the HW vendors.

    Speaking specifically on the OS patches, there are various [KB#######] HotFixes for different OSs that are supposed to patch these exploits.

    Given the variations between OS patches, I have been trying to collect the various "Hot Fix" patches to look for and have created the following list that can be put into a Dynamic Collection to see if any of them are present as seen here:

    • KB4056894
    • KB4056897
    • KB4073290
    • KB4073291
    • KB4057144
    • KB4057142
    • KB4056897
    • KB4056898
    • KB4056890

    If anyone can expand on this list of KBs to check for on various OSs maybe we can compile a better list for this Dynamic Collection in PDQ.

    2
  • Thanks so much for this!

    0