Check if specific patch is installed

Check if a specific HotFix ID is installed on the target. If it is, no output is created. If it isn't a json.NotInstalled.T1082 fact will be parsed from this output with the patch identifier.
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.


Test this TTP

Download Operator (1.7.1)
Test this TTP using one of our Operator chains
Conti Local and Remote Discovery


Using the Jambi agent from the initial access chain, discover local services, active directory objects, and check the box for PrintNightmare.


Escalate local privileges and spawn a SYSTEM-level agent by exploiting CVE-2021-34527 (PrintNightmare).