4 posts tagged with "CVE"

Monitoring Microsoft Office / 365 Apps with PowerShell

June 16, 2024 · 2 min read

This script uses an undocumented Microsoft 365 API to check the latest version of Microsoft Office / 365 Apps and compares it to the installed version. It then sets a custom field in NinjaOne to indicate whether the latest security release (if there is one) is installed. It also sets fields to indicate the channel, installed version, update status and a card containing more detailed information.

Thanks to:

The entire NinjaOne community on the NinjaOne Discord for the inspiration and support.
David Szpunar for his efforts on various M365 / Office apps scripts.
Kelvin Tegelaar for his prior M365 / Office apps scripts.

security

This article uses an undocumented API to check the latest version of Microsoft Office / 365 Apps. This API is subject to change without notice and may stop working at any time. Use at your own risk.

Initialise PSResourceGet (PowerShellGetv3) and PackageManagement

March 26, 2024 · One min read

Mikey O'Toole

PowerShell 5.1 as shipped with Windows 10 and 11 includes versions 1.0.0.1 of PackageManagement and PowerShellGet this old version cannot install most modern modules, nor can it self update properly.

In most cases fixing this runs into numerous issues with conflicting versions or files in use. This script is an adaptation of a script by Chris Taylor which takes a different approach to downloading the modules, has a bit more error checking and further installs the new PSResourceGet module which is the replacement for PowerShellGet.

CVE Detection / Monitoring with NinjaOne Custom Fields

February 13, 2024 · 10 min read

Mikey O'Toole

This post will hold detection scripts for any serious CVE vulnerability that we write detection scripts for in the future. It will be updated and added to as new vulnerability detection scripts are written.

Downloading CVE-2022-41099 Patch and SSU files

January 17, 2023 · 5 min read

Mikey O'Toole

Collaboration with Martin Himken

This post and the WinRE patching script on Martin's blog at https://manima.de are the result of a collaboration between Martin and I to help mutually improve our various efforts towards patching CVE-2022-41099.

Read Martin's blog on WinRE patching

security

This article relates to CVE-2022-41099 which is a vulnerability in the Windows Recovery Environment (WinRE) which could allow a successful attacker to bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.