Blog Linoproject.net

IT Sysadmin VMWare Windows

Tech Tip: How to check Windows Patch against WannaCry using powercli

Byadmin

May 16, 2017 #powercli, #powershell, #vsphere, #Windows

Another time we are hearing about a worldwide attack using a ransomware to stole money (bitcoins) and create services unavailability or data losses. One question in many company is asked to IT department :- Are we protect against this attack?-

It’s know that this attack, like the major part of the attacks, is permitted due a security bugs in Windows systems. For this reason, last month, Microsoft made available a patch to avoid this attack. But how many people already have updated their system?

You know, sometimes is difficult for many IT department to find the right time to apply updates and patches, because in 99% of cases it requires a reboot, with consequent unavailability or dependency problems. Answering the question for protection, if you’re in a VMware farm with many windows VMs in a domain controller, you could take the advantage of the powercli to getting the state of windows update for every window VM.

A note from Microsoft is released with its KBID: https://support.microsoft.com/en-us/help/4013389/title

Requirements

  • an vCenter account with enough privileges to execute a script using Invoke-VM script
  • an active directory administrator account (or with enough privileges) to execute Get-HotFix command
  • powercli (of course!)

The Script

Here the example:

$vCenter = "vcenter-ip-fqdn"
$winUser = "DOMAIN\Administrator"
$winPwd =  "password"
$checkHotFix = @("KB4019215","KB4012598", "KB4012216", "KB4012213", "KB4012217", "KB4012214", "KB4012215" , "KB4012212", "KB4013429" , "KB4012606", "KB4013198")
Foreach ($vm in (Get-VM | Get-VMGuest | Select-String "windows")){
    $vm = ($vm -split ":")[0]
    ## Test credentials 
    Try {
        $result = Invoke-VMScript -VM $vm -GuestUser $winUser -GuestPassword $winPwd -ScriptText "[System.Environment]::OSVersion.Version" -ErrorAction Stop
    }Catch{
        Write-Host "Invalid Credentials for $vm"
        continue
    }    
    Write-Host "----------------------------------"
    Write-Host "VM Name $vm"
    Write-Host "----------------------------------"
   
    $result = Invoke-VMScript -VM $vm -GuestUser $winUser -GuestPassword $winPwd -ScriptText "Get-HotFix | Select 'HotFixID'"    
    Foreach ($fix in $checkHotFix){   
         if ($result.Contains($fix)){
            Write-Host " $fix  Found"
         }
    }
    Write-Host "----------------------------------"

}

For newbie in powercli, before launching the script you must connect to vCenter using the cmdlet Connect-VIServer. Hope this could be useful!

By admin

Related Post

Cloud communities DevOPS Events Sysadmin Tech Field Day VMWare

Kicking Off 2025

Feb 1, 2025 admin
Cloud communities Events VMWare

My VMware Explore 2024 Recap: Community, Innovation, and More!

Nov 25, 2024 admin
communities Events VMWare

Mastering Infrastructure As Code at VMwareExplore 2024 – VCFB1813BCN

Nov 3, 2024 admin

You missed

Cloud communities Events Tech Field Day

The Cloud Field Day 22 week!

2025-02-18 admin
Cloud communities DevOPS Events

HashiTalks 2025 Warm-up

2025-02-11 admin
Cloud communities DevOPS Events Sysadmin Tech Field Day VMWare

Kicking Off 2025

2025-02-01 admin
Cloud communities Events VMWare

My VMware Explore 2024 Recap: Community, Innovation, and More!

2024-11-25 admin

Utilizzando il sito, accetti l'utilizzo dei cookie da parte nostra. Using this site you accept cooking utilization. maggiori informazioni more Informations

Questo sito utilizza i cookie per fornire la migliore esperienza di navigazione possibile. Continuando a utilizzare questo sito senza modificare le impostazioni dei cookie o cliccando su "Accetta" permetti il loro utilizzo. This site uses cookies to provide the best browsing experience possible. By continuing to use this website without changing your cookie settings or clicking "Accept" allow their use.

Chiudi Close