Hi all,
Need some help with my relevancy. I wrote relevancy to check if certain KB’s have been installed. Here is what I came up with…
if name of operating system contains “Win10” OR name of operating system contains “Win201” OR name of operating system contains “Win8” OR name of operating system contains “Linux” then "Not Relevant"
else if exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired” of native registry then "Reboot Needed"
else if name of operating system contains “WinXP” OR name of operating system contains “Win7” OR name of operating system contains “Win200” AND exists (string values of properties “HotFixID” of it) whose (it starts with “KB4499175”) of select objects “HotFixID from Win32_QuickFixEngineering” of wmis OR exists (string values of properties “HotFixID” of it) whose (it starts with “KB4499180”) of select objects “HotFixID from Win32_QuickFixEngineering” of wmis OR exists (string values of properties “HotFixID” of it) whose (it starts with “KB4500331”) of select objects “HotFixID from Win32_QuickFixEngineering” of wmis then "Patched"
else “Not Patched”
This query knows when these are installed:
KB4499149 – Rollup for Windows Server 2008
KB4499164 – Rollup for Windows 7 / Server 2008 R2
Even though the relevance only queries for these:
KB4499175 – Security Only for Windows 7 / Server 2008 R2 / Embedded
KB4500331 – Security Update Windows XP / Server 2003
KB4499180 – Security Only for Windows Server 2008
The interesting thing is I am not searching for the “Cumulative” KB’s in my logic, however, if a machine has installed the cumulative rather than the Security Only, then my property reports properly that the system is “Patched”. So how does it know when the cumulative is installed?
Thanks in advance