Hi Amandaw33,
Have you checked out the compliance by CVE if the CVE is listed there?
[cid:
image001.png@01D92CB0.7CFA8780]
Rufus Swart
Product Specialist: Assets
+27 10 823 5300<tel:+27%2010%20823%205300>
+27 82 532 3250
rufuss@dotcomsecurity.co.za<mailto:
rufuss@dotcomsecurity.co.za> [cid:full_ceb98e4e-74e5-4465-98ff-b2dae7d1a52b.png] <https:
www.dotcomsecurity.co.za/="">byls bridge office park centurion gauteng 0157
www.dotcomsecurity.co.za<http: www.dotcomsecurity.co.za="">
<https:
www.linkedin.com/company/dotcom-security="">[cid:linkedin_smallest_5697ca4f-5717-402c-9ca9-c8504e4ebfb0.png]<https: www.linkedin.com/company/dotcom-security=""> <https:
www.facebook.com/dotcomsoftwaresolutions/=""> [cid:facebook_smallest1_27395423-ad7e-46db-8ef2-bf8978015e01.png] <https:
www.facebook.com/dgcybersolutions=""> <https:
www.instagram.com/software_solutionssa/=""> [cid:instagram_smallest_c58443e8-826b-4124-a84e-29caed7eae6a.png] <https:
www.instagram.com/dotcomsecuritysolutions/="">EMAIL DISCLAIMER - This message contains privileged and confidential information intended only for the person or entity to which it is addressed. Any review, retransmission, dissemination, copy or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient, is prohibited. If you received this message in error, please notify the sender immediately by e-mail, facsimile or telephone and thereafter delete the material from any computer. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the view of the entity.
Original Message:
Sent: 1/19/2023 8:17:00 PM
From: amandaw33
Subject: WinRE gather version custom inventory help (CVE-2022-41099)
Can someone help me create custom inventory for gathering WinRE version in order to target clients for CVE-2022-41099?
I took a stab with below but am missing something. If I do a write-host just running the powershell script under "#Gather winRE Information" - it outputs what I want so I feel like I'm close but I'm missing something with the add row of data.
Thanks for any advice.
# Create instance of Altiris NSE component
# Please don't modify this GUID -->
$nse = New-Object -com Altiris.AeXNSEvent
$nse.To = "{1592B913-72F3-4C36-91D2-D4EDA21D2F96}"
$nse.Priority = 1
#<--
# Modify this varaible with the custom data class guid
$objDCInstance = $nse.AddDataClass("{myGUIDHere}")
$objDataClass = $nse.AddDataBlock($objDCInstance)
#Gather winRE Information
if (reagentc /info | findstr "Disabled") {
$REBuild = "Disabled"
}
else {
$REBuild = (Get-WindowsImage -imagepath ((reagentc /info | findstr "\\?\GLOBALROOT\device").replace("Windows RE location: ", "").TRIM() + "\winre.wim") -index 1).SPBuild
}
{
#Add new row of data
$objDataRow = $objDataClass.AddRow()
$objDataRow.SetField(0, $REBuild)
}
#Send the data
$nse.SendQueued()
------------------------------
[State]
------------------------------
</https:></https:></https:></https:></https:></https:></http:></https:></mailto:rufuss@dotcomsecurity.co.za></tel:+27%2010%20823%205300>