I’ve written a lot about Microsoft PowerShell on this site, but my favorite thing to do is show how to apply the scripting language to various tasks y
I’ve written a lot about Microsoft PowerShell on this site, but my favorite thing to do is show how to apply the scripting language to various tasks you already have to do as part of your regular role and responsibilities. In a previous article, I demonstrated how to accomplish five common administrative tasks using PowerShell.
In this piece I’ll take five more IT administrative tasks (this time mostly security-related) that with a GUI would be slow and boring and show you how to script them using PowerShell.
1. Check for the presence of patches with PowerShell
In June 2017, the Petya/NotPetya malware disabled most of the IT assets in the country of Ukraine and spread worldwide, locking out several global financial and logistics firms from much their own hardware and software. I had a first-hand view of the chaos that ensued: My email address was mistakenly included in an emergency email chain from employees in a very large company who were desperate to communicate with each other using their personal addresses and accounts to keep their business running. It was a very disruptive time.
What’s more problematic is that the vulnerability that this malware uses to enter systems — the very same vulnerability exploited by May’s WannaCry ransomware attack — was patched in March 2017, two months before the WannaCry outbreak and three months before the Petya/NotPetya outbreak. I hope your enterprise has a robust patch-management platform with all the resources you need to patch regularly, consistently, and early enough to avoid being a victim. But apparently that is not the case at many firms, as that email thread and hundreds of news reports confirm.
So how can we leverage PowerShell to look for the patch that would mitigate this particular malware variant?