The current nvt’s in the community feed are targeted both at server and client versions, see gb_ms_kb4519338.nasl for example. This script still checks for Ntoskrnl.exe and it probably suffers the same problem as before, with GetVer in secpod_smb_func.inc limiting the number of sections checked to 21. The solution is to remove or raise this limit. I’ve been running with a limit of 100 since reporting this issue without problems.
I know similar issue was reported Fetch_file_version returns FALSE for Ntoskrnl.exe, but looks like there is no follow up on that.
My problem is that a lot of scripts reading ntoskrnl.exe are not reporting vulnerabilities which should be reported based on the version of the file. For example, 2022/microsoft/gb_ms_kb5018419.nasl, and others. Looks like the file is not read by the script or fetch_file_version has some bugs. I tested locally with different OS. This seems to happen ONLY in windows server 2019.