The first step is to set the patch number that needs to be detected. We know that every patch from Microsoft will have a standard number (e.g.KB828741), for the latest patches we can get from Microsoft's website. Then, place the patch number you want the user to install in an array. According to differentWindowsWe need to set different detection patch numbers for the operating system. Based on the currentWindowsI'm only sure about the system usageWindows 2000/2003/XPPerform testing.
Figure 1. Flowchart for using WMI to implement patch detection
The first step is to set the patch number that needs to be detected. We know that each patch from Microsoft will have a standard number (such as KB828741), and for the latest patches we can get from Microsoft's website. Then, place the patch number you want the user to install in an array. We need to set different detection patch numbers according to different Windows operating systems. Based on the current Windows system usage, I only check Windows 2000/2003/XP.
‘For Windows 2000
arrFixed_WIN2K=Array("KB840315","KB870669","KB828741","KB835732",
"KB840987","KB841356","KB885835","KB885836",
"KB842526","KB841872","KB841873","KB889293")
'For Windows 2003 system
arrFixed_WIN2K3=Array("KB834707","KB840374","KB867801","KB833987",
"KB873376","KB885835","KB885836")
'For Windows XP SP1
arrFixed_XP1=Array("KB840987","KB833987","KB839645","KB840315","KB841873","
KB873376","KB841356","KB889293","KB885835","KB885836")
'For Windows XP SP2
arrFixed_XP2=Array("KB834707","KB885835","KB885836")
The second step is to create a WMI object and establish a connection with the target host.
Dim objWMIService // WMI object
Dim strComputer = "." // The address is the current host
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
First, define two variables objWMIService and strComputer. The first one locates the object for the service we want to create, and the second one is the target host IP address (if the current host is "."). The third sentence creates a service object connected to the target host, defining the namespace parameter as "root\cimv2". In this namespace, there is the system information we will use next.
Socket: For detailed code, please see Check_patch.txt attached to the CD. Change the file extension txt to VBS. You can double-click to run under Windows. If the current system detects that there is no patch, a prompt window will appear, otherwise nothing will be available.
The third step is to read the current user operating system information and the installation of patches. Under the namespace "root/cimv2", the instance "Win32_OperatingSystem" provides us with detailed current operating system information. We use Wql (sql for WMI) to read this instance. Friends who are familiar with SQL syntax will know what they are doing at a glance.
' First judge the host system information: OS and SP patch version status
' Get system information
Dim objOSInfo // Get operating system information
Dim intOSver,intOStype,intCurrentSP // Current system version, type, Service Pack number
Set objOSInfo = ("Select ServicePackMajorVersion,Version,OSType FROM Win32_OperatingSystem")
For Each colOSInfo In objOSInfo
intCurrentSP = ‘sp security patch version
intOSver = ‘OS version number
intOStype = ‘Operating system type
Next
Socket: How do you know which namespace to connect to and which objects to obtain? The WMI Technical Guidelines [3] lists a large number of commonly used objects. Unfortunately, it does not have corresponding e-books, so you can only go to the bookstore to find it. You can also use the search function of the WMI CIM Studio tool in WMITools, and it is easy to find the object you want. After finding the object, WMI CIM Studio can list its properties and methods, and then go to MSDN to find specific help.
Step 4: Obtain patch information that has been installed on the current system. Under "root\cimv2", the "HotFixID" attribute under the instance "Win32_QuickFixEngineering" stores the patch information installed on the current system.
'*******************************************************************
'*Read the installed patch list of target host to string strFixedList
'*******************************************************************
Dim colQFE, objQFE
Dim strHotFixID, strFixedList, strFind, strNoFixed
Set colQFE = ("SELECT HotFixID FROM Win32_QuickFixEngineering")
In the fourth step, save the read user patch number to an array variable, and then match it with the corresponding array we defined in "Step 1" to find out the patch number that is not installed in the current system. The implementation of this part is relatively simple, please refer to the following code.
Step 5: Display the final detection result.
At this point, the entire patch detection process is over. As long as the script file is clicked and run, the patch check can be completed. Especially for network administrators who have already established the Acitve Directory domain in the enterprise, just add this script to the domain controller's group policy, and perform patch detection on each user logged in to the domain to prompt the user for the latest patch information. They no longer have to worry about the user not installing the latest patch, which greatly improves the internal network security management of the enterprise.
Figure 1. Flowchart for using WMI to implement patch detection
The first step is to set the patch number that needs to be detected. We know that each patch from Microsoft will have a standard number (such as KB828741), and for the latest patches we can get from Microsoft's website. Then, place the patch number you want the user to install in an array. We need to set different detection patch numbers according to different Windows operating systems. Based on the current Windows system usage, I only check Windows 2000/2003/XP.
‘For Windows 2000
arrFixed_WIN2K=Array("KB840315","KB870669","KB828741","KB835732",
"KB840987","KB841356","KB885835","KB885836",
"KB842526","KB841872","KB841873","KB889293")
'For Windows 2003 system
arrFixed_WIN2K3=Array("KB834707","KB840374","KB867801","KB833987",
"KB873376","KB885835","KB885836")
'For Windows XP SP1
arrFixed_XP1=Array("KB840987","KB833987","KB839645","KB840315","KB841873","
KB873376","KB841356","KB889293","KB885835","KB885836")
'For Windows XP SP2
arrFixed_XP2=Array("KB834707","KB885835","KB885836")
The second step is to create a WMI object and establish a connection with the target host.
Dim objWMIService // WMI object
Dim strComputer = "." // The address is the current host
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
First, define two variables objWMIService and strComputer. The first one locates the object for the service we want to create, and the second one is the target host IP address (if the current host is "."). The third sentence creates a service object connected to the target host, defining the namespace parameter as "root\cimv2". In this namespace, there is the system information we will use next.
Socket: For detailed code, please see Check_patch.txt attached to the CD. Change the file extension txt to VBS. You can double-click to run under Windows. If the current system detects that there is no patch, a prompt window will appear, otherwise nothing will be available.
The third step is to read the current user operating system information and the installation of patches. Under the namespace "root/cimv2", the instance "Win32_OperatingSystem" provides us with detailed current operating system information. We use Wql (sql for WMI) to read this instance. Friends who are familiar with SQL syntax will know what they are doing at a glance.
' First judge the host system information: OS and SP patch version status
' Get system information
Dim objOSInfo // Get operating system information
Dim intOSver,intOStype,intCurrentSP // Current system version, type, Service Pack number
Set objOSInfo = ("Select ServicePackMajorVersion,Version,OSType FROM Win32_OperatingSystem")
For Each colOSInfo In objOSInfo
intCurrentSP = ‘sp security patch version
intOSver = ‘OS version number
intOStype = ‘Operating system type
Next
Socket: How do you know which namespace to connect to and which objects to obtain? The WMI Technical Guidelines [3] lists a large number of commonly used objects. Unfortunately, it does not have corresponding e-books, so you can only go to the bookstore to find it. You can also use the search function of the WMI CIM Studio tool in WMITools, and it is easy to find the object you want. After finding the object, WMI CIM Studio can list its properties and methods, and then go to MSDN to find specific help.
Step 4: Obtain patch information that has been installed on the current system. Under "root\cimv2", the "HotFixID" attribute under the instance "Win32_QuickFixEngineering" stores the patch information installed on the current system.
'*******************************************************************
'*Read the installed patch list of target host to string strFixedList
'*******************************************************************
Dim colQFE, objQFE
Dim strHotFixID, strFixedList, strFind, strNoFixed
Set colQFE = ("SELECT HotFixID FROM Win32_QuickFixEngineering")
In the fourth step, save the read user patch number to an array variable, and then match it with the corresponding array we defined in "Step 1" to find out the patch number that is not installed in the current system. The implementation of this part is relatively simple, please refer to the following code.
Step 5: Display the final detection result.
At this point, the entire patch detection process is over. As long as the script file is clicked and run, the patch check can be completed. Especially for network administrators who have already established the Acitve Directory domain in the enterprise, just add this script to the domain controller's group policy, and perform patch detection on each user logged in to the domain to prompt the user for the latest patch information. They no longer have to worry about the user not installing the latest patch, which greatly improves the internal network security management of the enterprise.