Hi there,
I’ve noticed inconsistencies in how plugins for Windows KB checks define the vulnerable version range. For example:
- gb_ms_kb5040427.nasl: `version_is_less(version:fileVer, test_version:"10.0.19041.4648")`, while "July 9, 2024—KB5040427 (OS Builds 19044.4651 and 19045.4651) - Microsoft Support" lists the fixed versions as OS Builds 19044.4651 and 19045.4651.
- gb_ms_kb5040431.nasl: `version_is_less(version:fileVer, test_version:"10.0.22000.3079")`, while "July 9, 2024—KB5040431 (OS Build 22000.3079) - Microsoft Support" lists the fixed version as OS Build 22000.3079.
- gb_ms_kb5040442.nasl: `version_in_range(version:fileVer, test_version:"10.0.22621.0", test_version2:"10.0.22621.3879")`, while "July 9, 2024—KB5040442 (OS Builds 22621.3880 and 22631.3880) - Microsoft Support" lists the fixed versions as OS Builds 22621.3880 and 22631.3880.
- gb_ms_kb5039211.nasl: `version_is_less(version:fileVer, test_version:"10.0.19041.4522")`, while "June 11, 2024—KB5039211 (OS Builds 19044.4529 and 19045.4529) - Microsoft Support" lists the fixed versions as OS Builds 19044.4529 and 19045.4529.
So, how can I correctly determine the vulnerable version range for a Windows KB check? Is there a general rule for this?