Friday, May 19, 2017

Detect if Microsoft patch MS17-010 is installed on your network attached systems (fix for Wannacry worm leak)!

Hi, in short: because our SCCM patching service gave wrong information (systems were reported as patched when in reality they were not), I made a simple script to detect whether the patch is really installed on our systems.
It runs over a source list and writes separate log files for patched, not patched, access-denied and offline systems.
Create a file 'resources.txt' listing all the systems you want to check, one per line, and place it in the same folder as the script. Run the script with administrator rights or with a user ID that has remote access.
Maybe it's not perfect, but it does the job: I checked 5000 resources with it. I used the 'not patched' and 'offline' log files as the delta for a new scan (the log files hold the names on one line separated by ';', so split them into one name per line before reusing them as 'resources.txt'), so the first run took a while, but each rerun was quicker as the list got shorter and shorter.
This way I discovered 400 systems that were reported to SCCM as correctly patched but in reality were not!
Use whatever part you want of the script!

function Get-ScriptDirectory
{
    <#
    .SYNOPSIS
    Returns the folder that contains the calling script.
    .DESCRIPTION
    Reads the MyInvocation variable one scope up (the caller's scope) and
    returns the parent folder of that invocation's MyCommand.Path.
    The value depends on the code being run from a saved script file.
    #>
    $callerInvocation = Get-Variable -Name MyInvocation -Scope 1 -ValueOnly
    Split-Path -Path $callerInvocation.MyCommand.Path
}
# Folder of this script; resources.txt is read from it and all log files are written to it.
$CurrentDir = Get-ScriptDirectory

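Function Set-Timestamp
{
    <#
    .SYNOPSIS
    Returns the current local date and time as a string usable in a file name.
    .DESCRIPTION
    Despite the Set- verb nothing is modified; the function only formats
    the current time. The name is kept because the script calls it.

    The hour is written with the 24-hour "HH" specifier. The 12-hour "hh"
    specifier without an AM/PM designator gives the same text for, say,
    02:15:00 and 14:15:00, so two BACKUP_ files taken twelve hours apart
    would get the same name and collide.
    .OUTPUTS
    System.String in the form MM-dd-yyyy_HH-mm-ss.
    #>
    Get-Date -Format "MM-dd-yyyy_HH-mm-ss"
}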

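# Per-category counters, named after the console colour each category is printed in.
$countgreen = 0      # patched
$countred = 0        # not patched
$countmagenta = 0    # offline (no ping reply)
$countcyan = 0       # WMI query failed / access denied

# List of all HotFixes containing the patch.
# Every entry needs the "KB" prefix: the scan compares these strings with the
# HotFixID property using -contains, which is an exact match, so a bare number
# such as "4012215" can never match and hosts carrying only that update would
# be reported as not patched. The duplicated KB4013429 entry is listed once.
# NOTE(review): this list is a point-in-time snapshot. A host that received the
# fix through an update that is not listed here is reported as not patched -
# verify the list against the vendor bulletin for the OS versions in scope.
$hotfixes = "KB4012212", "KB4012213", "KB4012214", "KB4012215", "KB4019216", "KB4012217", "KB4012606", "KB4013198", "KB4013429", "KB4015550", "KB4015551", "KB4019215", "KB4019472", "KB4015217", "KB4015438", "KB4016635", "KB4012598", "KB4019264", "KB4019263"

# One computer name per line, read from the folder that holds this script.
$resourcefile = "resources.txt"
$resources = get-content "$currentDir\$resourcefile"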

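# Scan every resource and sort it into one of four buckets:
#   patched / not patched / access denied (WMI probe failed) / offline (no ping reply).
#
# Limits of this check, worth knowing before acting on the result:
#   * Only the ids in $hotfixes are recognised; a host fixed by any other update
#     lands in "not patched".
#   * A failed Get-HotFix query returns no objects, so it is counted as
#     "not patched" as well.
#   * The "access denied" bucket is entered whenever the Win32_LogicalDisk probe
#     returns nothing, whatever the actual error was; the HRESULT in the message
#     is fixed text, not the error that occurred.
#   * NOTE(review): Get-HotFix shows what is registered as installed; whether the
#     host has been restarted since is not checked here - confirm separately if
#     a pending reboot matters for your result.

# Prints the four running totals; -Prefix is put in front of each line.
# Reads the counters from the calling scope.
function Write-ScanSummary
{
    param([string]$Prefix = '')
    Write-host "${Prefix}resources patched:`t`t $countgreen" -ForegroundColor Green -BackgroundColor Black
    Write-host "${Prefix}resources Not Patched:`t`t $countred" -ForegroundColor Red -BackgroundColor Black
    Write-host "${Prefix}resources OFFLINE:`t`t $countmagenta" -ForegroundColor Magenta -BackgroundColor Black
    Write-host "${Prefix}resources Accessdenied:`t`t $countcyan" -ForegroundColor Cyan -BackgroundColor Black
}

# Start from empty results so that a second run in a session that keeps its
# variables (dot-sourced, or run from an editor) does not append to the
# previous run's lists.
$patched = $null
$notpatched = $null
$accessdenied = $null
$Offlineresources = $null

# Search for the HotFixes
pause
foreach ($i in $resources)
{
    # Blank lines in resources.txt (or an empty file) are not computer names.
    if ([string]::IsNullOrEmpty("$i".Trim())) { continue }

    Write-host "resource: $i"
    if (Test-Connection -ComputerName $i -count 1 -quiet)
    {
        # Probe WMI first: if this returns nothing the hotfix query is not attempted.
        if(Get-WMIObject -ComputerName $i Win32_LogicalDisk)
        {
            $hotfix = Get-HotFix -ComputerName $i | Where-Object {$hotfixes -contains $_.HotfixID} | Select-Object -property "HotFixID"
            write-host $hotfix
            # See if the HotFix was found
            if($hotfix)
            {
                $countgreen++
                # Print the matched ids as plain text. The original appended
                # $hotfix.syncroot to the message, which does not give a readable
                # list of KB ids.
                $installedIds = @($hotfix | ForEach-Object { $_.HotFixID }) -join ', '
                Write-Host "$i has hotfix('s) installed: $installedIds" -ForegroundColor Green -BackgroundColor Black
                $patched += "$i;"
            }
            else
            {
                $countred++
                Write-Host "$i is missing hotfix" -ForegroundColor Red -BackgroundColor Black
                $notpatched += "$i;"
            }
        }
        else
        {
            $countcyan++
            Write-Host "$i Get-WMIObject : Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))"
            $accessdenied += "$i;"
        }
    }
    else
    {
        $countmagenta++
        Write-Host "resource: $i Offline" -ForegroundColor Magenta -BackgroundColor Black
        $Offlineresources += "$i;"
    }

    # Running totals after every resource.
    Write-ScanSummary
}
Write-ScanSummary -Prefix 'FINAL '

# Each result file holds the names of one bucket on a single line, separated by ';'.
# The files name the hosts that are missing the fix, so keep the script folder
# readable only by the people doing the patching.
$Offlineresources | out-file "$currentdir\_Offlineresources.txt"
$notpatched | out-file "$currentdir\_Notpatched.txt"
$patched | out-file "$currentdir\_Patched.txt"
$accessdenied | out-file "$currentdir\_accessdenied.txt"

# Keep a timestamped copy of every result file so a later run does not replace it.
$timestamp = Set-Timestamp
$timestamp
Copy-Item -Path "$currentdir\_Notpatched.txt" -Destination "$currentdir\BACKUP_$timestamp-Notpatched.txt"
Copy-Item -Path "$currentdir\_patched.txt" -Destination "$currentdir\BACKUP_$timestamp-patched.txt"
Copy-Item -Path "$currentdir\_Offlineresources.txt" -Destination "$currentdir\BACKUP_$timestamp-Offlineresources.txt"
Copy-Item -Path "$currentdir\_Accessdenied.txt" -Destination "$currentdir\BACKUP_$timestamp-Accessdenied.txt"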
