I m a newbie Trying to write a one time query to check if a

Question

I m a newbie Trying to write a one time query to check if a specific Windows patch has been installed on all hosts or on specific hosts

sundsta · Answer

You can do this with the patches table See <https osquery io schema 4 2 0 patches>

alessandrogario · Answer

some additional info from Fritz <https osquery slack com archives C08V7KTJB p1584022509164200>

Alex Alborzfard · Answer

So would this work

Alex Alborzfard · Answer

Select from Patches where csname= lt hostname gt AND hotfix id= lt kbname gt

Alex Alborzfard · Answer

Also where in Fritz s script there s an option to specify KB and host name s

DG · Answer

I stole the query on From <https blog kolide com using kolide osquery to find and fix critical windows crypto vulnerability b6c05e33a9cf> for my own purposes

DG · Answer

This gets applied and reboot status

DG · Answer

Also make sure to include all equivalent KBs across your different OS versions sometimes its not the number so this uses a list