We've released a new blog post about the recent Winrar vulnerability. If you're interested in the specifics, I suggest you give the blog post a read.
The report below will give you a color-coded overview of all Windows assets in your network that are not on Winrar version 5.7 or higher.
Instructions to add this report to your Lansweeper installation can be found here: https://www.lansweeper.com/forum/yaf_postst9882_How-to-run-a-report.aspx
The report will list assets that meet the following criteria:
- The asset is a Windows Asset.
- The asset is Active.
- The asset has Winrar installed on it.
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
Case
When tblSoftwareUni.softwareName Like '%winrar%' And
tblSoftware.softwareVersion < '5.70' Then 'Vulnerable'
Else 'Safe'
End As Vulnerablity,
tblSoftware.Lastchanged,
Case
When tblSoftwareUni.softwareName Like '%winrar%' And
tblSoftware.softwareVersion < '5.70' Then '#ffadad'
Else '#d4f4be'
End As backgroundcolor
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%winrar%' And tblState.Statename =
'Active'
Order By tblAssets.IPAddress Desc