Title
#windows
defensivedepth

defensivedepth

11/29/2021, 2:42 PM
windows_security_products
(https://osquery.io/schema/5.0.1/#windows_security_products) no longer works after upgrading to v5. Just confirmed with a fresh install of 4.9.0, works as expected. Same system, install 5.0.1 and when I try to query the table, osqueryi exits.
Faulting application name: osqueryi.exe, version: 5.0.1.0, time stamp: 0x6131a086
Faulting module name: osqueryi.exe, version: 5.0.1.0, time stamp: 0x6131a086
Exception code: 0xc0000005
Fault offset: 0x00000000008e00f6
Faulting process id: 0x24f8
Faulting application start time: 0x01d7e52e0c77561a
Faulting application path: C:\Program Files\osquery\osqueryi.exe
Faulting module path: C:\Program Files\osquery\osqueryi.exe
Report Id: 4087572f-a5c1-47e7-a1e5-496279fcf399
Faulting package full name: 
Faulting package-relative application ID:
s

seph

11/29/2021, 7:15 PM
I have not seen this. What OS is this? As I understand it, with the windows security center API isn’t present on all windows hosts. For example, it’s missing on windows server