WannaCry: how to check if your system is protected using a PowerShell script

WannaCry Malware Official Patches - All Windows Versions from Microsoft Technet

If you’ve stumbled upon this post you are probably well-aware of the Win32/WannaCrypt Ransomware, better known as WannaCry: we already talked about it in this other post, which contains an extensive list of links to download the various patches to shield almost any Windows-based operating system against this dangerous treat.

However, you might also need to find a way to quickly check if your system is effectively protected against WannaCry or not: this could come very handy if you are a System Administrator and you don’t know which server is missing the updates or not. Altough the best suggestion we can give would always be “patch everything”, you can also use this great PowerShell script (which we stole from this great post from SpiceWorks community site – credits to CarlosTech for the great job):

As we can see, this will check all the relevant hotfixes released by Microsoft containing the fix for the MS17-010 Jump issue – the one used by WannaCry to perform its attack. Using it is just as easy as copy the given source code, paste it into a PowerShell command prompt and press Enter to execute it.

Once you do that, it will return one of the following strings:

  • Found Hotfix XXXX, if your system is protected.
  • Didn’t Find HotFix, if your system is NOT protected.

Needless to say, if you’re receiving the latter, you should really need to take a good look here and apply the relevant patch before it’s too late.

That’s it for now: happy check!

About Ryan

IT Project Manager, Web Interface Architect and Lead Developer for many high-traffic web sites & services hosted in Italy and Europe. Since 2010 it's also a lead designer for many App and games for Android, iOS and Windows Phone mobile devices for a number of italian companies. Microsoft MVP for Development Technologies since 2018.

View all posts by Ryan

3 Comments on “WannaCry: how to check if your system is protected using a PowerShell script”

  1. Pingback: WannaCry Malware Official Patches - All Windows Versions from Technet
  2. Hello, great post, thank you for spending your time on this issue.
    I would like to say ; i tried it on my uptodate (Nov.28) windows 10 machine and it report as Didnt find hotfix. I thought maybe win10 doesnt need to include these updates at alll, or is my computer realy vulnerable ?

    1. Hello, thank you!

      Actually Win10 does need the MS17-010 patch as well, it’s just that the previous KB have been merged into the june 2017 update rollup pack(s), which was released after this post.

      That said, I just updated the above PS script to check for them as well: if you run it now you should be able to find the KB4032695, KB4032693 or KB4022723 according to your Win10 version.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.