INTEL-SA-00213 Detection Script – Added SMB Logging

Following up on yesterdays post about my INTEL-SA-00213 detection script I’ve added some logging functionality. It’s rudimentary, but effective. Pass a valid -LogDir argument and it will generate a results.txt file. The file contains the hostname and output separated by a comma. The script uses Add-Content as well so this can be run from multiple hosts and the results will be appended to existing content.

INTEL-SA-00213 Detection ScriptI plan to make the output file customization via argument as well, and still need to tie this thing into SCCM. As it stands right now though version 2.0 or 2.2 could easily be used for a GPO startup script.

This is rapidly becoming more than just a utility script. I’ve never drilled this deep into parameters before and am learning quite a bit. It’ll be good to keep adding more functionality until I’ve got this thing well baked and I’ve learned as much as I can from it.

Anyway, if anyone is interested, here’s a link to the GitHub repository. I’m always looking for ideas and feedback!

Advisory Page

Security Update Page

CSME Detection Tool

Leave a Reply

Your email address will not be published. Required fields are marked *