Now Available:

Featured Resources:

Newsletter

Email Address:

Subscribe




Subscribe to iTunes!


Ask the Expert

Have a question for our resident expert? .

Realtime Communities

« BlueLane Releases Threat Filter Update for Unpatched DNS Zero-Day | Main | Hacking WSUS #4 of 5 -- The "Big Red Button" or How to Patch When you want with WSUS »

Hacking WSUS #3 of 5 -- Creating a MS Number to Knowledgebase Article Number Comparison Report

Ever felt the pain of comparing the patch number (the "MS0X-0XX Number") to the knowledgebase article number (the "Q Number") when you're trying to figure out which patches to push? WSUS lists patches by their knowledgebase article number. But, the monthly patch announcements you get from Microsoft typically list them by their patch number. Translating between these two numbers can be a pain in the neck.

What's truly interesting (thank you Microsoft!) about the WSUS database is that its completely open and available, no matter if you use MSDE or SQL as your database engine. This means that you can peer into the database to find out more information about the workstations on your network and their patch level. The database is highly normalized, which means that it can be a chore to link the primary and foreign keys together to get a useful report. But, perseverence will prevail if you know what you're looking for.

This, the third script in our series, leverages this ability to peer into the WSUS database to create a comparison report which shows the MS0X-0XX number for each patch and the associated knowledgebase article number for them. Its great for keeping these straight in your head. Note that I haven't tested this script against WSUS 3.0.

You'll need to change the first line to the name of your WSUS server. If you're using MSDE as your database for WSUS, you'll need to open up permissions so you can access it remotely.

Click the link below for the code:

strWSUSServer = "myWSUSServerName"

Set fso = CreateObject("Scripting.FileSystemObject")
Set objTextFile = fso.OpenTextFile("OUTPUT.csv", 2, True)
objTextFile.WriteLine("MS Number,Q Number")

Set conn = CreateObject("ADODB.Connection")
Set rs = CreateObject("ADODB.Recordset")
dbconn = "Driver={SQL Server};Server=" & strWSUSServer & ";Database=SUSDB"
conn.open dbconn

strSQLQuery = "SELECT dbo.tbSecurityBulletinForRevision.SecurityBulletinID, dbo.tbLocalizedProperty.Title FROM dbo.tbLocalizedPropertyForRevision INNER JOIN dbo.tbLocalizedProperty ON dbo.tbLocalizedPropertyForRevision.LocalizedPropertyID = dbo.tbLocalizedProperty.LocalizedPropertyID INNER JOIN dbo.tbSecurityBulletinForRevision ON dbo.tbLocalizedPropertyForRevision.RevisionID = dbo.tbSecurityBulletinForRevision.RevisionID WHERE (dbo.tbLocalizedPropertyForRevision.LanguageID = 1033) ORDER BY dbo.tbSecurityBulletinForRevision.SecurityBulletinID"
rs.Open strSQLQuery, conn, 3, 3

While Not rs.EOF
 objTextFile.WriteLine(rs.Fields(0).Value & "," & Replace(rs.Fields(1).Value, ",", ""))
 rs.MoveNext
Wend

WScript.Echo "Done!"

TrackBack

TrackBack URL for this entry:
https://realtime-windowsserver.com/type/mt-tb.cgi/90

Most Active Posts

Recent Posts

Greg Shields' Bio:

Greg Shields is a Principal Consultant with 3t Systems in Denver, Colorado. With more than 10 years of experience in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft, Citrix, and VMware technologies. Greg is a Contributing Editor for both Redmond Magazine and Microsoft Certified Professional Magazine, authoring two regular columns along with numerous feature articles, webcasts, and white papers. He is known for his abilities to relate highly technical concepts with a drive towards fulfilling business needs. Greg is also a highly sought-after instructor and speaker, teaching system and network troubleshooting curriculum for TechMentor Events, a twice-annual IT conference, and producing computer-based training curriculum for CBT Nuggets on numerous topics. Greg is a triple Microsoft Certified Systems Engineer (MCSE) with security specialization and a Certified Citrix Enterprise Administrator (CCEA).