Hello, welcome to the Thursday, May 5th, 22 edition of the Sands and its Storm Center's Stormcast. My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Rob went into some details how to figure out when a window system was last completely patched.

And the difficulty he ran into with a prior PowerShell script that he wrote for that purpose

was that there may have been some individual patches, like, for example, the servicing stack

for Windows, which really just updates the update system itself that got

installed in a particular month, but the cumulative updates that do install all the other

patches are not installed. And of course, if you're just looking at the date, that's then

not sufficient to figure out what patches were installed.

So you actually need to then resolve the knowledge-based numbers associated with the patch.

And that's sort of what Rob goes into here, trying to figure out how to use PowerShell based on the knowledge base number to figure

out if you're dealing with a cumulative patch or with one of these individual patches.

Rob included a partial PowerShell script here as part of the post, but is asking for a little

feedback how to possibly do this better.

And of course, feel free to use Rob's script for your own purposes.

And talking about patches, bleeping computers a couple days ago talked about how fake Windows

updates are being used to distribute ransom air.

Wasn't really clear how they get advertised and really the locations that downloaded from

are really less than reputable.

It's essentially sort of various sites and sites that also pedal cracks for games.

So not really sure why anybody would install it,

but the file names are something like,

you know, system upgrade, Windows 10 and such.

...