-d argument always get only 1 missing patches

bitsadmin / wesng

Windows Exploit Suggester - Next Generation

BSD 3-Clause "New" or "Revised" License

4.24k stars 571 forks source link

-d argument always get only 1 missing patches #66

Open hasamba opened 2 years ago

hasamba commented 2 years ago

Running Wes-ng on my virtual lab, on win10 1809 (latest hotfix is from 2019), server 2016, server 2019 always returning only 1 missing patch on each which does not seems correct

wes_srv19_with_d.txt wes_srv19_without_d.txt wes_srv16_with_d.txt wes_srv16_without_d.txt wes_win101809_without_d.txt wes_win101809_with_d.txt

bitsadmin commented 2 years ago

Thanks hasamba for your detailed bug report!

For now as a workaround you can use the missingkbs.vbs script to identify potential exploitable vulnerabilities using wes.py's -m parameter.

More details in the missingkbs.vbs section of this blog post: https://blog.bitsadmin.com/blog/windows-security-updates-for-hackers#missingkbsvbs

WHATSUPTOYOU commented 2 years ago

It's seems like the "get_most_recent_kb" function returns the most recent date of all found KBs, but not the installed patches?