documentation/modules/post/windows/gather/enum_patches.md
This module enumerates patches applied to a Windows system using the
WMI query: SELECT HotFixID, InstalledOn FROM Win32_QuickFixEngineering.
use post/windows/gather/enum_patchesset SESSION <session id>runmsf post(windows/gather/enum_patches) > set session 1
session => 1
msf post(windows/gather/enum_patches) > run
[*] Running module against WINDEV2110EVAL (192.168.200.140)
Installed Patches
=================
HotFix ID Install Date
--------- ------------
KB5009469 2/27/2022
KB5009641 2/26/2022
KB5011493 3/5/2022
[*] Patch list saved to /root/.msf4/loot/20220911234321_default_192.168.200.140_enum_patches_485106.txt
[*] Post module execution completed
msf post(windows/gather/enum_patches) > set session 1
session => 1
msf post(windows/gather/enum_patches) > run
[*] Running module against TEST (192.168.200.190)
Installed Patches
=================
HotFix ID Install Date
--------- ------------
KB2533623 3/29/2019
KB2534111 2/1/2016
KB2639308 3/29/2019
KB2670838 3/29/2019
KB2729094 3/29/2019
KB2731771 3/29/2019
KB2786081 3/29/2019
KB2834140 3/29/2019
KB2841134 3/29/2019
KB2849696 3/29/2019
KB2849697 3/29/2019
KB2882822 3/29/2019
KB2888049 3/29/2019
KB2999226 9/4/2017
KB958488 5/26/2017
KB976902 11/21/2010
[*] Patch list saved to /root/.msf4/loot/20220911233948_default_192.168.200.190_enum_patches_697182.txt
[*] Post module execution completed
msf post(windows/gather/enum_patches) > set session 1
session => 1
msf post(windows/gather/enum_patches) > run
[*] Running module against WINXP (192.168.200.164)
Installed Patches
=================
HotFix ID Install Date
--------- ------------
KB811113 4/5/2013
KB936929 4/5/2013
Q147222
[*] Patch list saved to /root/.msf4/loot/20220911233635_default_192.168.200.164_enum_patches_552914.txt
[*] Post module execution completed