Kaseya

KB4074588 install (Win10 1709 Update)

Attempts to silently install kb patch for Win10 cumulative update to 1709. Script makes a few checks first. Script first will check that the patch is not already installed, that the system has the meltdown reg key and that the build number is less than 16299.248. Once these checks are verified the patch (about 680MB)…

Read More

Google Drive Install (Business)

Downloads and installs “Backup and Sync” and “Google File Stream”. Once installed the program will require users to login to the Google Drive business account.

Read More

Google Drive Install (Personal)

Downloads and installs “Backup and Sync”. Once installed the program will require users to login to the Google Drive account.

Read More

KB4078130 – Disable Spectre Variant 2 Patch

Scripts downloads and runs Microsoft’s KB4078130 patch. This script disables Intel Microcode meant to mitigate against Spectre variant 2. Machines running this KB will be vulnerable to Spectre attack vectors from malicious third parties. This KB will do nothing on machines that have not yet installed the new Microcode firmware update for their Intel CPU.

Read More

Enable Spectre Variant 2 Patch

Script checks for the existence of 2 registry keys. Then sets them to enable Spectre Mitigation. If the machine is a server, there will be a 3rd registry key that will be checked as well. Script will report the result of these checks. More details here. Report using $Spectre2$. Use the following video to setup…

Read More

Enable Meltdown/Spectre Patching

Scripts checks for 2 registry keys to be set to enable patching. If the machine is a server, there will be a 3rd registry key that will be checked as well. Script will report the result of these checks. Can Report using $MeltSpecPatch$. Use the following video to setup reports based on script tags.

Read More

Disable Spectre Variant 2 Patch

Script checks for the existence of 2 registry keys. Then sets them to disable Spectre Mitigation. Script will report the result of these checks. More information here. Can Report using $Spectre2$. Use the following video to setup reports based on script tags.

Read More

Disable Meltdown/Spectre Patching

Scripts checks for 2 registry keys to be set to disable patching. If the machine is a server, there will be a 3rd registry key that will be checked (removed). Script will report the result of these checks. Can Build a Report using $MeltSpecPatch$. Use the following video to setup reports based on script tags.

Read More

XMR Endpoint Check

Procedure to check the endpoints for the mining exploit. Created by Douglas Sanchez (douglas.sanchez@kaseya.com) You MUST create a custom field called “XMR” as documented in Kaseya’s article 1-29-18 Modified by Chris A – Virtual Administrator to add Tags, and reduce un-needed entries Review the following video to build a report off the tags. The tag…

Read More

Windows Build Reg Check (WaaSAssessment)

Script checks for build number. First looks for WaasAssesment, which provides a more detailed number. If it is not found, then uses a wmi query to pull the regular version number. Can report using $WinBuild$, $WaaSBuild$, $NoWaaSBuild$.

Read More