lvarela-r7 (4)

Last Login: September 14, 2020
Assessments
1
Score
4

lvarela-r7's Contributions (1)

Sort by:
Filter by:
3
Ratings
Technical Analysis

Some of the gotchas on patching this vuln:

  • Not restarting the vulnerable asset, even after you apply the patch, keeps the asset vulnerable. Must restart.
  • There have been cases where even with the patch reported as being installed, files on disk were vulnerable, manually checking termdd.sys, the file is normally located at C:\Windows\System32\drivers and the version retrieved with this powershell command:

get-item -Path ‘C:\Windows\System32\drivers\termdd.sys’ | Format-List -Force