Windows General

Offline Cache Status

Learn the status of WMI offline cache. Check to see if it is enabled or disabled and where the cache is located. Uses Powershell command ‘gwmi win32_offlinefilescache’ to determine offline cache status. Results are displayed in the procedure log. Can report using tags: $WinOfflineCache$ $OCSEnabled$ $OCSDisabled$. See the following article for more information on this…

Read More

Audit – Microsoft Office Version

Uses registry to check for office version and if it’s a 32 or 64 bit installation. Reports to procedure log. Can use tags $O365$ and $Audit$ for reporting.

Read More

Processor Vuln Protection (CVE-2018-12207) Enable

Add registry key to enable protection from CVE-2018-12207 as recommended in this MS article.

Read More

Processor Vuln Protection (CVE-2018-12207) Disable

Add registry key to disable protection from CVE-2018-12207 as recommended in this MS article.

Read More

Gateway Port Scan Report

Downloads NMAP and has it scan External Gateway for commonly exploited open ports. Requires Visual C++ Redistributable 2013 (x86) to be installed. Reports to the procedure log and uses the tag: $openports$ Thanks to NMAP.ORG for their port scan tool.

Read More

Pin link to Start

Use this script to pin a link to your client’s start menu. You must create the .lnk file and then upload it to the KServer through the manage files dialog. Then modify the script to insert the updated link. This script will then download that file to the end-user machine and place it in the…

Read More

Pin link to Taskbar

Use this script to pin a link to your client’s taskbar. You must create the .lnk file and then upload it to the KServer through the manage files dialog. Then modify the script to insert the updated link. This script will then download that file to the end-user machine and place it in the taskbar…

Read More

Zoom Install (Windows)

Download and install latest version of Zoom direct from zoom.us

Read More

Scripting Engine Memory Corruption Vulnerability Patch Update

Script checks if CVE-2019-1367 is installed. If not, will attempt to install. If install is successful, it will prompt the user telling them that a reboot is recommended. Can report using $KBaudit$ and $OOD$.

Read More

dotNET Audit (and update Custom Field)

Script downloads exe file to determine what version of dot NET are installed. Able to report by filtering Agent Procedure Logs for $dotNET$ shows all entries regarding dotNET. $Audit$ shows all entries regarding all audit scripts. $dotNEThighest$ only shows the single newest version on the system. Highest version is also saved to Custom Field.. can…

Read More