{"id":715,"date":"2016-06-21T10:00:14","date_gmt":"2016-06-21T08:00:14","guid":{"rendered":"http:\/\/blogs.msdn.microsoft.com\/lavanack\/?p=715"},"modified":"2022-05-30T13:51:48","modified_gmt":"2022-05-30T11:51:48","slug":"powershell-mbsa","status":"publish","type":"post","link":"https:\/\/laurentvanacker.com\/index.php\/2016\/06\/21\/powershell-mbsa\/","title":{"rendered":"Scan des hotfixes manquants avec PowerShell et MBSA \/ Scan missing hotfixes with Powershell and MBSA"},"content":{"rendered":"<div id=\"fr-FR\"><a href=\"#en-US\">English version<\/a><\/div>\n<div><\/div>\n<div><strong>[MAJ 13\/11\/2019] Une version purement PowerShell est disponible <a href=\"https:\/\/laurentvanacker.com\/index.php\/2019\/11\/13\/scan-des-hotfixes-manquants-avec-powershell-v2-scan-missing-hotfixes-with-powershell\/\" target=\"_blank\" rel=\"noopener noreferrer\">ici<\/a>.<\/strong><\/div>\n<p>[MAJ 19\/11\/2016] <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=7558\" target=\"_blank\" rel=\"noopener noreferrer\">MBSA<\/a> est un outil graphique permettant d&rsquo;analyser les hotfixes Microsoft manquants sur une ou plusieurs machines Windows. Il peut \u00e9galement \u00eatre utilis\u00e9 en ligne de commandes comme expliqu\u00e9 <a href=\"https:\/\/blogs.msdn.microsoft.com\/ashishme\/2013\/02\/15\/microsoft-baseline-security-analyzer-mbsa-offline-bulk-scan-process\/\" target=\"_blank\" rel=\"noopener noreferrer\">ici<\/a>. Le format de sortie standard peut au choix \u00eatre du texte ou du XML. Ce dernier format permet un meilleure \u00ab\u00a0parsing\u00a0\u00bb de la sortie (la lecture manuelle du XML est un peu fastidieuse) mais \u00e0 l&rsquo;inconv\u00e9nient de ne pas pouvoir \u00eatre utilis\u00e9 avec des machine(s) distante(s).<\/p>\n<p><strong>Attention toutefois <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=7558\" target=\"_blank\" rel=\"noopener noreferrer\">MBSA<\/a> n&rsquo;est pas compatible avec Windows 10 !<\/strong><\/p>\n<p>Je vous propose dans cet article un petit script PowerShell qui t\u00e9l\u00e9chargera les 3 fichiers Cabinet n\u00e9cessaires \u00e0 l&rsquo;analyse &#8211; uniquement si ceux pr\u00e9sents localement ne sont plus \u00e0 jour &#8211; et lancera l&rsquo;analyse. En cas de manque de connectivit\u00e9 \u00e0 Internet, les fichiers pr\u00e9sents localement seront utilis\u00e9s. Le script a deux pr\u00e9requis : les fichiers mbsacli.exe et wusscan.dll pr\u00e9sents dans le sous r\u00e9pertoires MBSA. Je vous propose de t\u00e9l\u00e9charger la solution directement <a href=\"https:\/\/github.com\/lavanack\/laurentvanacker.com\/tree\/master\/Windows%20Powershell\/Windows\/Security\/New-MBSAScan\" target=\"_blank\" rel=\"noopener noreferrer\">ici<\/a> (attention je n&rsquo;inclus pas les fichiers Cabinet).<\/p>\n<p>L&rsquo;avantage de cette solution r\u00e9side ici dans le format de sortie, 2 fichiers CSV :<\/p>\n<ul>\n<li>l&rsquo;un pour connaitre le nombre hotfixes manquants par cat\u00e9gories<\/li>\n<\/ul>\n<p><a id=\"summary\" href=\"http:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Summary.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-716\" src=\"http:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Summary.png\" alt=\"MBSA_Summary\" width=\"822\" height=\"88\" srcset=\"https:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Summary.png 822w, https:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Summary-300x32.png 300w, https:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Summary-768x82.png 768w\" sizes=\"auto, (max-width: 822px) 100vw, 822px\" \/><\/a><\/p>\n<ul>\n<li>l&rsquo;autre avec le d\u00e9tail (en option).<\/li>\n<\/ul>\n<p><a id=\"details\" href=\"http:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Details.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-725\" src=\"http:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Details.png\" alt=\"MBSA_Details\" width=\"898\" height=\"105\" srcset=\"https:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Details.png 898w, https:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Details-300x35.png 300w, https:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Details-768x90.png 768w\" sizes=\"auto, (max-width: 898px) 100vw, 898px\" \/><\/a><\/p>\n<p>On ne peut faire plus lisible.<\/p>\n<hr \/>\n<div><\/div>\n<div id=\"en-US\"><a href=\"#fr-FR\">Version fran\u00e7aise<\/a><\/div>\n<div><\/div>\n<div id=\"gt-form-c\">\n<form id=\"gt-form\" action=\"\/\" method=\"post\" name=\"text_form\">\n<div dir=\"ltr\"><strong>[Updated 11\/13\/2019] a full PowerShell version is available <a href=\"https:\/\/laurentvanacker.com\/index.php\/2019\/11\/13\/scan-des-hotfixes-manquants-avec-powershell-v2-scan-missing-hotfixes-with-powershell\/\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/strong><\/div>\n<div dir=\"ltr\"><\/div>\n<div>\n<div dir=\"ltr\"><span id=\"result_box\" lang=\"en\">[Updated 11\/19\/2016] <\/span><span id=\"result_box\" lang=\"en\"><a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=7558\" target=\"_blank\" rel=\"noopener noreferrer\">MBSA<\/a> is a useful GUI tool for analyzing the missing hotfixes on one or multiple Windows machines. It can also be used as a command line tool as explained <a href=\"https:\/\/blogs.msdn.microsoft.com\/ashishme\/2013\/02\/15\/microsoft-baseline-security-analyzer-mbsa-offline-bulk-scan-process\/\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>. The output format can either be text or XML. This format allows a better \u00ab\u00a0parsing\u00a0\u00bb of the output (the XML manual reading is a little tedious) but can not be used with remote (s) machine(s).<\/span><\/div>\n<div dir=\"ltr\"><\/div>\n<div dir=\"ltr\"><strong>Caution : <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=7558\" target=\"_blank\" rel=\"noopener noreferrer\">MBSA<\/a> can not be used with Windows 10 !<\/strong><\/div>\n<\/div>\n<\/form>\n<\/div>\n<div id=\"gt-c\" class=\"g-section\">\n<div id=\"gt-form-c\">\n<form id=\"gt-form\" action=\"\/\" method=\"post\" name=\"text_form\">\n<div id=\"gt-text-all\">\n<div id=\"gt-main\">\n<div id=\"gt-text-c\">\n<div id=\"gt-text-top\">\n<div id=\"gt-res-c\" class=\"g-unit\">\n<div id=\"gt-res-p\">\n<div id=\"gt-res-data\">\n<div id=\"gt-res-wrap\">\n<div id=\"gt-res-content\" class=\"almost_half_cell\">\n<div dir=\"ltr\"><\/div>\n<div dir=\"ltr\"><span id=\"result_box\" lang=\"en\">I propose in this article a small PowerShell script that downloads the 3 Cabinet files needed for a <strong><a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=7558\" target=\"_blank\" rel=\"noopener noreferrer\">MBSA<\/a> <\/strong>analysis &#8211; only if those locally present are outdated &#8211; and launchs analysis. In case of lack of connectivity to the Internet, the file present locally will be used. The script has two prerequisites: the mbsacli.exe and wusscan.dll files present in the subdirectory called MBSA. I suggest you download the solution directly <a href=\"https:\/\/github.com\/lavanack\/laurentvanacker.com\/tree\/master\/Windows%20Powershell\/Windows\/Security\/New-MBSAScan\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a> (note: I do not include the cabinet files).<\/span><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/form>\n<\/div>\n<\/div>\n<div id=\"gt-c\" class=\"g-section\">\n<div id=\"gt-form-c\">\n<form id=\"gt-form\" action=\"\/\" method=\"post\" name=\"text_form\">\n<div id=\"gt-text-all\">\n<div id=\"gt-main\">\n<div id=\"gt-text-c\">\n<div id=\"gt-text-top\">\n<div id=\"gt-res-c\" class=\"g-unit\">\n<div id=\"gt-res-p\">\n<div id=\"gt-res-data\">\n<div id=\"gt-res-wrap\">\n<div id=\"gt-res-content\" class=\"almost_half_cell\">\n<div dir=\"ltr\"><\/div>\n<div dir=\"ltr\"><span id=\"result_box\" lang=\"en\">The advantage of this solution is the output format, 2 CSV files:<\/span><\/div>\n<ul>\n<li>The first one to know the number of missing hotfixes per category<\/li>\n<\/ul>\n<p><a id=\"summary\" href=\"http:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Summary.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-716\" src=\"http:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Summary.png\" alt=\"MBSA_Summary\" width=\"822\" height=\"88\" srcset=\"https:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Summary.png 822w, https:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Summary-300x32.png 300w, https:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Summary-768x82.png 768w\" sizes=\"auto, (max-width: 822px) 100vw, 822px\" \/><\/a><\/p>\n<ul>\n<li>The second one to know the details of the missing hotfixes (optional)<\/li>\n<\/ul>\n<p><a id=\"details\" href=\"http:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Details.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-725\" src=\"http:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Details.png\" alt=\"MBSA_Details\" width=\"898\" height=\"105\" srcset=\"https:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Details.png 898w, https:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Details-300x35.png 300w, https:\/\/laurentvanacker.com\/wp-content\/uploads\/2016\/06\/MBSA_Details-768x90.png 768w\" sizes=\"auto, (max-width: 898px) 100vw, 898px\" \/><\/a><\/p>\n<\/div>\n<p>Nothing can be more readable.<\/p>\n<p>&nbsp;<\/p>\n<p>Laurent.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/form>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>English version [MAJ 13\/11\/2019] Une version purement PowerShell est disponible ici. [MAJ 19\/11\/2016] MBSA est un outil graphique permettant d&rsquo;analyser les hotfixes Microsoft manquants sur [&#8230;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[19,12],"tags":[39,41],"class_list":["post-715","post","type-post","status-publish","format-standard","hentry","category-powershell","category-securite-security","tag-powershell","tag-securite"],"_links":{"self":[{"href":"https:\/\/laurentvanacker.com\/index.php\/wp-json\/wp\/v2\/posts\/715","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/laurentvanacker.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/laurentvanacker.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/laurentvanacker.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/laurentvanacker.com\/index.php\/wp-json\/wp\/v2\/comments?post=715"}],"version-history":[{"count":8,"href":"https:\/\/laurentvanacker.com\/index.php\/wp-json\/wp\/v2\/posts\/715\/revisions"}],"predecessor-version":[{"id":2975,"href":"https:\/\/laurentvanacker.com\/index.php\/wp-json\/wp\/v2\/posts\/715\/revisions\/2975"}],"wp:attachment":[{"href":"https:\/\/laurentvanacker.com\/index.php\/wp-json\/wp\/v2\/media?parent=715"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/laurentvanacker.com\/index.php\/wp-json\/wp\/v2\/categories?post=715"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/laurentvanacker.com\/index.php\/wp-json\/wp\/v2\/tags?post=715"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}