Using Osquery to check if you’ve patched CVE-2022-26809
Using Osquery to check if you’ve patched CVE-2022-26809
April 20, 2022
Using Osquery to check if you’ve patched CVE-2022–26809
Update: this won’t work as monthly rollups supersede discreet KB patches. See https://claroty.com/2022/05/04/blog-research-from-kbs-to-cves-understanding-the-relationships-between-windows-security-updates-and-vulnerabilities/
Here is a quick search you can run across any vulnerable Windows version to see if you have installed the patch for CVE-2022–26809
select * from patches where hotfix_id in ('KB5012596', 'KB5012599', 'KB5012599', 'KB5012604', 'KB5012596', 'KB5012670' ,'KB5012639' ,'KB5012650' ,'KB5012666' ,'KB5012658', 'KB5012632', 'KB5012670', 'KB5012626' ,'KB5012649', 'KB5012592' ,'KB5012653', 'KB5012599', 'KB5012599', 'KB5012591', 'KB5012647');