WannaCry: how to check if your system is protected using a PowerShell script

WannaCry Malware Official Patches - All Windows Versions from Microsoft Technet

If you’ve stumbled upon this post you are probably well-aware of the Win32/WannaCrypt Ransomware, better known as WannaCry: we already talked about it in this other post, which contains an extensive list of links to download the various patches to shield almost any Windows-based operating system against this dangerous treat.

However, you might also need to find a way to quickly check if your system is effectively protected against WannaCry or not: this could come very handy if you are a System Administrator and you don’t know which server is missing the updates or not. Altough the best suggestion we can give would always be “patch everything”, you can also use this great PowerShell script (which we stole from this great post from SpiceWorks community site – credits to CarlosTech for the great job):

As we can see, this will check all the relevant hotfixes released by Microsoft containing the fix for the MS17-010 Jump issue – the one used by WannaCry to perform its attack. Using it is just as easy as copy the given source code, paste it into a PowerShell command prompt and press Enter to execute it.

Once you do that, it will return one of the following strings:

  • Found Hotfix XXXX, if your system is protected.
  • Didn’t Find HotFix, if your system is NOT protected.

Needless to say, if you’re receiving the latter, you should really need to take a good look here and apply the relevant patch before it’s too late.

That’s it for now: happy check!


About Ryan

IT Project Manager, Web Interface Architect and Lead Developer for many high-traffic web sites & services hosted in Italy and Europe. Since 2010 it's also a lead designer for many App and games for Android, iOS and Windows Phone mobile devices for a number of italian companies.

View all posts by Ryan