... dedicated to the pursuit of making money!

 

Viewing Windows Updates

February 04, 2007

When dealing with machines that are acting peculiar it is nice to be able to check to see what windows updates are installed without having to go to Microsoft’s update site (because sometimes you just don’t want to be online) or install any third party applications. To do this we will use the powerful and not very well documented Windows WMIC framework which comes standard on Xp and 2003 OS’s.

 

Command to show all Windows hotfixes and patches: C:\>wmic qfe

 

Some other useful WMIC commands (the // signifies a comment and IS NOT part of the command):

 

C:\>wmic /? //wmic help command

 

C:\>wmic process [pid] delete //similar to Unix’s kill -9

 

C:\>wmic process where name=’cmd.exe’ delete //kill processes by name

 

C:\>wmic process list brief /every:1 //similar to Unix’s top

 

C:\>wmic useraccount //lists all about users

 

C:\>wmic startup list full //lists startup and autostart reg keys

 

Portions of this were borrowed from SANS’ website. To see more visit their page(http://isc.sans.org/diary.html?storyid=1229)

 

 

What the future has in store

You can expect this site to change fairly regularly (probably a least once per week). I will be using it mostly as a way to centrally house my ideas and as a way to test new and/or exciting projects that I happen to be working on. If you'd like to see something on this site or have any sort of feedback please feel free to contact me.