Whatever the reason, Microsoft Windows still tops the list for malware infections. According to a Statista report, in 2020 Windows saw more than 83% of cyber attacks, compared with other operating systems. This clearly shows that Windows is the favorite target for hackers, cybercriminals, and threat actors, so Windows users should pay more attention to security than anyone else. Vulnerabilities are one of the common attack vectors to consider, and here, too, Windows tops the list: in Exploit DB, we found around 10K vulnerabilities related to Windows alone. It is the responsibility of each Windows user to keep track of newly discovered vulnerabilities regularly and fix them at the right time. We know this is a troublesome and laborious task. In this article, we are going to show how to find and fix the vulnerabilities on your Windows OS quickly.
Operating systems most affected by malware in 2020
Stats of Operating System’s share in the Market.
Do you know how many vulnerabilities your system has? How many exploits are available for them? How many of them are critical? And how do you fix them? We will show you a quick method that answers all of these questions, using a tool called Windows Exploit Suggester - Next Generation (WES-NG), written in Python.
WES-NG is a Python tool that lists a system's vulnerabilities, including information on available exploits, by analyzing the output of Windows’ systeminfo utility. You can use it to find and fix vulnerabilities on any Windows desktop operating system from Windows XP to Windows 10 and any server operating system from Windows Server 2003 to Windows Server 2019.
As we said earlier, WES-NG uses the built-in utility ‘systeminfo.exe’. If you don’t know systeminfo, it is a command-line utility that prints detailed system information: the processor, RAM, operating system, network cards, BIOS, system boot time, and a plethora of other things. WES-NG takes this information as input and checks its database for the associated vulnerabilities. Its database is considered more accurate than Microsoft’s, as it refers to multiple sources to build a comprehensive database. Its report shows which vulnerabilities were found on the system, along with their CVE IDs, associated services, available exploits, and how to fix them.
sysinfo command
The important thing to note is that it doesn’t scan the system to determine the vulnerabilities. It just provides a list of vulnerabilities based on the version, build, and patches installed on the machine. Because it doesn’t scan the system, vulnerabilities you have fixed manually can still appear in the list. This makes it less accurate, and you may see a few false positives. None of the tools available in the market is perfect, right?
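The matching described above, as an added example that is not WES-NG's own code: it parses a constructed systeminfo report and compares the installed hotfixes with a small made-up definitions table. The host name, KB numbers and CVE IDs are placeholders, and the function names are hypothetical.

```python
import re

# Constructed sample of `systeminfo` output (trimmed; KB numbers are made up).
SAMPLE_SYSTEMINFO = """\
Host Name:                 LAB-PC01
OS Name:                   Microsoft Windows 10 Pro
OS Version:                10.0.19041 N/A Build 19041
System Type:               x64-based PC
Hotfix(s):                 2 Hotfix(s) Installed.
                           [01]: KB0000101
                           [02]: KB0000103
Network Card(s):           1 NIC(s) Installed.
                           [01]: Intel(R) Ethernet Connection
"""

# Constructed definitions: (placeholder CVE, affected build, fixing KB, severity).
DEFINITIONS = [
    ("CVE-0000-0001", "19041", "KB0000101", "Critical"),
    ("CVE-0000-0002", "19041", "KB0000102", "Critical"),
    ("CVE-0000-0003", "19041", "KB0000104", "Important"),
    ("CVE-0000-0004", "17763", "KB0000105", "Critical"),
]

def parse_systeminfo(text):
    """Extract OS name, build number and installed KBs from systeminfo text."""
    os_name = re.search(r"^OS Name:\s+(.+)$", text, re.M)
    build = re.search(r"^OS Version:.*\bBuild (\d+)", text, re.M)
    if not os_name or not build:
        raise ValueError("not a systeminfo report: OS Name/OS Version missing")
    # Hotfix entries look like "[01]: KB1234567"; NIC entries never match KB\d+.
    kbs = set(re.findall(r"^\s+\[\d+\]:\s+(KB\d+)\s*$", text, re.M))
    return {"os": os_name.group(1).strip(), "build": build.group(1), "kbs": kbs}

def missing_patches(info, definitions, severity=None):
    """List definitions for this build whose fixing KB is not installed."""
    findings = []
    for cve, build, kb, sev in definitions:
        if build != info["build"] or kb in info["kbs"]:
            continue  # other build, or the fixing patch is already installed
        if severity and sev.lower() != severity.lower():
            continue  # optional severity filter
        findings.append((cve, kb, sev))
    return findings

if __name__ == "__main__":
    host = parse_systeminfo(SAMPLE_SYSTEMINFO)
    print(host["os"], "build", host["build"])
    for cve, kb, sev in missing_patches(host, DEFINITIONS):
        print(f"{sev:<10}{cve}  fix: {kb}")
```

Because the result is derived only from the report text, a flaw that was mitigated by some means other than the listed KB still appears in the output, which is the false-positive case described above.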
However, it gives results in no time and is totally free to use. It’s a perfect tool for a quick check, and no technical knowledge is required to run it. All these properties make this tool perfect for individual users and small businesses.
It gathers its data from these three sources, which makes it more valuable:
Microsoft Security Bulletin: KB articles for older systems
MSRC: The Microsoft Security Update API of the Microsoft Security Response Center (MSRC): Standard source of information for modern Microsoft Updates
NIST National Vulnerability Database (NVD): Complements vulnerabilities with Exploit-DB links
These are combined into a single .csv file, which is compressed and hosted in the GitHub repository.
Step #1: Clone the Git repo or just download the code from GitHub: https://github.com/bitsadmin/wesng
Navigate to the location where it is stored. In my case, I have stored it in: C:\Windows\System32\cmd.exe
Run the wes.py script with Python. If Python is not installed on your machine, download and install it from Python.org. Installing Python on a Windows machine is an easy, simple, and direct procedure. Make sure to add Python to the PATH. This sets the PATH environment variable so that you can run the Python script from the command line.
Install the chardet library.
>pip install chardet
Store the systeminfo output in a file. Use the ‘>’ symbol to store the output of the systeminfo command.
> systeminfo > sysinfo.txt
1st Machine:
Run the wes.py script using Python. The syntax to run the script is: python wes.py full path of ‘sysinfo.txt’
> python wes.py sysinfo.txt
This tool can be run with a few filters. Examples:
Filter to print only critical vulnerabilities with ‘-s critical’
> python wes.py sysinfo.txt -s critical
Filter to print only exploit available critical vulnerabilities with ‘-e’
> python wes.py sysinfo.txt -e
Get help
> python .\wes.py -h
Analyze the report. In this case, the first three blocks show the three vulnerabilities on my machine. The fourth and last block shows the two missing patches. This system is in good shape. If you find more critical vulnerabilities on your system, apply the recommended patches listed at the end of the report.
2nd machine:
We found 89 vulnerabilities. The report suggested three patches to fix all 89 vulnerabilities.
Filter to print only critical vulnerabilities with ‘-s critical’
> python wes.py sysinfo.txt -s critical
Filter to print only exploit available critical vulnerabilities with ‘-e’
> python wes.py sysinfo.txt -e
After applying patches, the system will ask to restart.
Patches were applied after the reboot.
This completes the process. This is how you can quickly find and fix vulnerabilities on Windows in no time.
Thanks for reading the article. Please share your comments if you like this demo.
Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.