This is a Datto RMM component to mitigate CVE-2021-36934, aka Serious SAM.
It follows the mitigation measures outlined at:
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36934
- https://kb.cert.org/vuls/id/506989
USE AT YOUR OWN RISK. EXPECT THIS TO BREAK SOME BACKUPS TEMPORARILY.
Only basic error checking is in place.
Just upload the component into Datto RMM and run it. It will prompt you for a UDF to set that will either be set to "Mitigated" or "UN-mitigated" allowing you to filter machines based on the mitigation. This is because current (reliable & easy) tests for the vulnerability require UN-privileged access to run, not an easy task with Datto RMM.
If you use another RMM review the code comments, the script will still work but you may need to swap out some vendor specific items.
Fork the repo and then submit a pull request.