Jetzt Ausprobieren

Intel-SA-00086 Audit

Security Software Vulnerability

Find All Computers Vulnerable to the Intel SA-00086 Exploit

Find computers vulnerable to the Intel-SA-00086 Management Engine (ME), Trusted Execution Engine (TXE) and Server Platform Services (SPS) vulnerabilities. By following the instructions on our blog, and running the audit below after it, you can identify vulnerable machines that need to be patched.

Intel-SA-00086 Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblProcessor.Name As CPU,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
Case
When tblRegistry.Value Is Null Then
'Intel tool has not been run or the registry value has not yet been scanned'
Else tblRegistry.Value End As value,
Case When (tblRegistry.Value Like '%This system is vulnerable%') Then 'red'
When (tblRegistry.Value Like '%Detection error%' Or
tblRegistry.Value Is Null) Then 'black' Else 'green' End As foregroundcolor,
TsysLastscan.Lasttime As RegLastScanned,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tblProcessor On tblAssets.AssetID = tblProcessor.AssetID
Left Join tblRegistry On tblAssets.AssetID = tblRegistry.AssetID And
tblRegistry.Valuename = 'System Risk'
Left Join TsysLastscan On TsysLastscan.AssetID = tblAssets.AssetID And
TsysLastscan.CFGcode = 50
Left Join tblOperatingsystem On tblAssets.AssetID = tblOperatingsystem.AssetID
Where tblAssetCustom.Model Not Like '%Virtual%' And
tsysAssetTypes.AssetTypename = 'Windows' And (tblOperatingsystem.Caption Like
'%Windows 10%' Or tblOperatingsystem.Caption Like '%Windows 8%' Or
tblOperatingsystem.Caption Like '%Windows 7%' Or
tblOperatingsystem.Caption Like '%Windows Server 2012%' Or
tblOperatingsystem.Caption Like '%Windows Server 2016%')

Show

Hide