windows 10 version 1507

[c0rs]

Hello!
I have some misunderstanding regarding to the results of the tool obtained for windows 10 version 10.0.10240 N/A Build 10240 (1507). In my case OS has four installed hotfixs, the last of which dates from December 14, 2015 (KB3122962). Despite this, wes.py gives me result that host OS has only one vulnerability (CVE-2017-0143). Are these results normal for windows 10 1507 with four installed hotfixes? I supposed that other security updates were published for 4 year, but I can't find any updates for build 1507 after December 14, 2015 to confirm or deny the result.

Upd.
I run VB script from https://docs.microsoft.com/en-us/windows/desktop/wua_sdk/using-wua-to-scan-for-updates-offline and got following missing hotfixes: KB3172729, KB890830, KB4493478, KB4493475

[bitsadmin]

Interesting! I was not aware of the existence of the script you mention, I will take a look at it.

Regarding your issue, can you provide your systeminfo output file?

[c0rs]

Sure.

OS Name:                   Microsoft Windows 10 Enterprise 2015 LTSB
OS Version:                10.0.10240 N/A Build 10240
OS Manufacturer:           Microsoft Corporation
OS Configuration:          Standalone Workstation
OS Build Type:             Multiprocessor Free
Registered Owner:          Windows User
Registered Organization:
Product ID:                00329-50000-00001-AA212
Original Install Date:     5/13/2019, 1:27:55 PM
System Boot Time:          5/20/2019, 11:14:22 AM
System Manufacturer:       VMware, Inc.
System Model:              VMware Virtual Platform
System Type:               x64-based PC
Processor(s):              1 Processor(s) Installed.
                           [01]: Intel64 Family 6 Model 142 Stepping 10 GenuineIntel ~1800 Mhz
BIOS Version:              Phoenix Technologies LTD 6.00, 7/2/2015
Windows Directory:         C:\Windows
System Directory:          C:\Windows\system32
Boot Device:               \Device\HarddiskVolume1
System Locale:             en-us;English (United States)
Input Locale:              en-us;English (United States)
Time Zone:                 (UTC+03:00) Kuwait, Riyadh
Total Physical Memory:     2,047 MB
Available Physical Memory: 1,087 MB
Virtual Memory: Max Size:  3,199 MB
Virtual Memory: Available: 2,121 MB
Virtual Memory: In Use:    1,078 MB
Page File Location(s):     C:\pagefile.sys
Domain:                    WORKGROUP
Logon Server:              \\DESKTOP-06DTD6I
Hotfix(s):                 4 Hotfix(s) Installed.
                           [01]: KB3116097
                           [02]: KB3118714
                           [03]: KB3119598
                           [04]: KB3122962
Network Card(s):           1 NIC(s) Installed.
                           [01]: Intel(R) 82574L Gigabit Network Connection
                                 Connection Name: Ethernet0
                                 DHCP Enabled:    Yes
                                 DHCP Server:     192.168.157.254
                                 IP address(es)
                                 [01]: 192.168.157.152
                                 [02]: fe80::fc9e:289a:95de:b42c
Hyper-V Requirements:      A hypervisor has been detected. Features required for Hyper-V will not be displayed.

[bitsadmin]

This has been a while ago, but meanwhile based on your suggestion I created the missingkbs.vbs script which can be executed either online using Windows Update or offline using a pre-downloaded scanfile to determine the KBs that are missing. This list of KBs can then be provided to the updated wes,py script (-m parameter) to obtain information on which CVEs are associated with the missing KBs. Feel free to check it out from the dev branch in this repository.

I am currently in the process of finalizing a blog on how Windows versions/updates work, and how WES-NG can help to identify missing KBs, which also includes this new tool. Keep an eye on my blog (https://bitsadm.in/) or Twitter (https://twitter.com/bitsadmin) where I will publish/announce it!

Thanks again for pointing me to that script!