Skip to main content

5 posts tagged with "Security"

View All Tags

Monitoring Microsoft Office / 365 Apps with PowerShell

· 2 min read
Mikey O'Toole
Mikey O'Toole

This script uses an undocumented Microsoft 365 API to check the latest version of Microsoft Office / 365 Apps and compares it to the installed version. It then sets a custom field in NinjaOne to indicate whether the latest security release (if there is one) is installed. It also sets fields to indicate the channel, installed version, update status and a card containing more detailed information.

Thanks to:
security

This article uses an undocumented API to check the latest version of Microsoft Office / 365 Apps. This API is subject to change without notice and may stop working at any time. Use at your own risk.

Initialise PSResourceGet (PowerShellGetv3) and PackageManagement

· One min read
Mikey O'Toole
Mikey O'Toole

PowerShell 5.1 as shipped with Windows 10 and 11 includes versions 1.0.0.1 of PackageManagement and PowerShellGet this old version cannot install most modern modules, nor can it self update properly.

In most cases fixing this runs into numerous issues with conflicting versions or files in use. This script is an adaptation of a script by Chris Taylor which takes a different approach to downloading the modules, has a bit more error checking and further installs the new PSResourceGet module which is the replacement for PowerShellGet.

Downloading CVE-2022-41099 Patch and SSU files

· 5 min read
Mikey O'Toole
Mikey O'Toole

Collaboration with Martin Himken

This post and the WinRE patching script on Martin's blog at https://manima.de are the result of a collaboration between Martin and I to help mutually improve our various efforts towards patching CVE-2022-41099.

Read Martin's blog on WinRE patching
security

This article relates to CVE-2022-41099 which is a vulnerability in the Windows Recovery Environment (WinRE) which could allow a successful attacker to bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.

Monitoring AntiVirus status with PowerShell

· 2 min read
Mikey O'Toole
Mikey O'Toole

Background information

Ninja doesn't currently support native AV monitoring via Windows Security Center, integrated AV packages are monitored but what if you need more?

Creating Fields

Creating custom fields in NinjaOne
To create a custom field in NinjaOne go to Administration > Devices and select either Role Custom Fields or Global Custom Fields then select Add.

  • Role Custom Fields are custom fields that are specific to a device role.
  • Global Custom Fields are custom fields that are applicable to all devices and/or to a location and/or organisation
Make sure you add the fields to the roles you want to use them in at Administration > Devices > Roles (for role custom fields).

When you create your custom field you need to make sure that you set the Scripts permission to ensure that you can read or write to the field from your scripts - as appropriate for the script you're using.

We're going to create one role custom field for devices with the Windows Desktop or Windows Laptop role:

Field NameField TypeDescription
Detailed AV StatusMulti-LineOutput for each configured AV on the system including name and status information.