
I am looking to install the remediation patch for CVE-2023-28252 across all of our Windows servers. More info here: https://www.bleepingcomputer.com/news/security/windows-zero-day-vulnerability-exploited-in-ransomware-attacks/

 

I am able to identify which servers need this patch via the Automox device search, but I cannot figure out how to create a policy which pushes only the KB which fixes this CVE. I do not want to push all patches at once as this would be done outside of our normal patching schedule.

It would seem that CVE-2023-28252 is associated with the latest cumulative update if you are tracking on https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-28252

In that case I’d use an “Advanced” patch policy. Enable Package Targeting and you can set Display Name contains 2023-04 Cumulative Update for Windows Server

You could also drop in a specific KB to ensure only that patch goes. Click on “preview packages...” to see exactly what patches would install based on the package target.
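
A post-deployment check for the policy described above, added here as an example and not part of the original thread or of Automox's tooling: it searches the local Windows Update history for the same Display Name string used in the package target and reports whether the install succeeded and whether a reboot is still pending. The function name and output fields are hypothetical.

```powershell
# Added example (not from the thread): verify on a server that the update
# matched by the policy's Display Name filter was actually installed.
function Get-TargetedUpdateStatus {
    [CmdletBinding()]
    param(
        # Same string as the "Display Name contains" package target above.
        [string]$TitleContains = '2023-04 Cumulative Update for Windows Server'
    )

    # Windows Update Agent COM API: read the local update history.
    $session  = New-Object -ComObject Microsoft.Update.Session
    $searcher = $session.CreateUpdateSearcher()
    $total    = $searcher.GetTotalHistoryCount()

    # Escape wildcard characters so the match is a literal "contains".
    $pattern = '*' + [System.Management.Automation.WildcardPattern]::Escape($TitleContains) + '*'

    $entries = @()
    if ($total -gt 0) {
        # Operation 1 = installation (2 would be uninstallation).
        $entries = @($searcher.QueryHistory(0, $total) | Where-Object {
            $_.Operation -eq 1 -and $_.Title -like $pattern
        })
    }

    # ResultCode 2 = succeeded; 4 = failed; 5 = aborted.
    $succeeded = @($entries | Where-Object { $_.ResultCode -eq 2 } | Sort-Object Date -Descending)
    $failed    = @($entries | Where-Object { $_.ResultCode -in 4, 5 })

    # The fix is not active until the post-install reboot has happened.
    $rebootKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired'
    )
    $rebootPending = [bool]($rebootKeys | Where-Object { Test-Path $_ })

    [pscustomobject]@{
        ComputerName   = $env:COMPUTERNAME
        Installed      = ($succeeded.Count -gt 0)
        Title          = if ($succeeded.Count -gt 0) { $succeeded[0].Title } else { $null }
        HistoryDate    = if ($succeeded.Count -gt 0) { $succeeded[0].Date } else { $null }
        FailedAttempts = $failed.Count
        RebootPending  = $rebootPending
    }
}

Get-TargetedUpdateStatus
```

An empty result is not proof the update is missing: the history is local to the Windows Update Agent and is lost if its data store has been reset, so cross-check against the Automox device search used to find the affected servers.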

