64 Bit Patch Audits for Windows 2003
Tenable's Research group recently added support to the Nessus ProfessionalFeed and HomeFeed to audit missing 64 bit Windows 2003 security patches via file version checks.
File version checking is the most effective way to test a Windows system for missing patches. Nessus has been able to do this on most Windows OSes (including 64 bit Windows Vista and Windows 2008) for a long time and due to customer demand, we've added support for Windows 2003 64 bit systems.
Tenable also recently improved the performance of the smb_hotfixes.nasl plugin to reduce network traffic. This will decrease the amount of time it takes to perform patch audits of all Windows systems.
To make use of this functionality, simply update your Nessus plugins and then perform a credentialed audit of a 64 bit Windows 2003 system with the "Windows : Microsoft Bulletins" plugin family enabled as shown below:
If you are unfamiliar with performing credentialed patch audits with Nessus, please refer to the documentation and example video which show how to perform these types of audits.
If you perform patch auditing with Nessus, these previous blog entries will be of interest:
Related Articles
CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
August 14, 2024Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available
Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs
August 13, 2024Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.
Compromising Microsoft's AI Healthcare Chatbot Service
August 13, 2024Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.
- Patch Auditing