You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Got a systeminfo.txt from a Win Server 2012 R2 with 220 Hotfixes installed, wesng shows oder 9000 vulnerabilites.
A lot of them are for different systems like Win10/7, also comes with tons of duplicates.
Unfortunately we are dependent on the (incomplete) supersedence information provided by Microsoft. The --muc-lookup feature attempts to remove false positives, but is also not fool proof. The only option is then to manually validate the supposedly missing KBs to see if they have actually been superseded by a KB that is installed. For more info, see the blog: https://blog.bitsadmin.com/blog/windows-security-updates-for-hackers#eliminating-false-positives.
An alternative is to use the missingkbs.vbs script also available in this repository, to have Windows update identify the missing KBs.
In case you identified an error in the logic of wes.py, please elaborate.
Got a systeminfo.txt from a Win Server 2012 R2 with 220 Hotfixes installed, wesng shows oder 9000 vulnerabilites.
A lot of them are for different systems like Win10/7, also comes with tons of duplicates.
I used
./wes.py systeminfo.txt --exploits-only --hide "Internet Explorer" Edge Flash --muc-lookup
systeminfo.txt
The text was updated successfully, but these errors were encountered: