$report = [pscustomobject]@{‘Date‘ = $null; ‘MSRC‘ = $null; ‘KB‘ = $null; ‘Severity‘ = $null; ‘Version‘ = $null; ‘Summary‘ = $null; ‘ThreatType‘ = $null} $report | Export-Csv -Path E:\PatchReport.csv -Force -Encoding Unicode -Delimiter "`t" $parttern = "[(]\d{7}[)]" #获取title最右侧的KB号码,对于任意年份的补丁都通用 $parttern_title = "\b(Information Disclosure|Remote Code Execution|Elevation of Privilege|Security Feature Bypass|Cumulative Security Update|Security Update|Denial of Service|Tampering)\b" $WebClient = New-Object System.Net.WebClient $WebClient.Encoding=[System.Text.Encoding]::UTF8 $xml = [XML]($WebClient.DownloadString("https://technet.microsoft.com/en-us/security/rss/bulletin")) $xml.rss.channel.item | foreach { $msrc = $_.link.substring($_.link.length - 8, 8) do { $patchweb = $WebClient.DownloadString("https://technet.microsoft.com/en-us/library/security/$msrc") } while (!$?) #$?表示最后一条执行的命令所返回的结果是True还是False, 在这里是True $result = [regex]::Match($patchweb, $parttern) $kbnumbers = $result.value.Substring(1, 7) #KB $cdata = $_.encoded.InnerText -replace "Severity Rating: ", "" -replace "Revision Note: ", "" -replace "Summary: ", "" -split "<br/>" #发布日期+MS号+KB号+危险等级+版本+摘要信息+威胁类型 foreach ($kbnumber in $kbnumbers) { $_.pubdate.substring(0,10) + "`t" + ($_.link).substring($_.link.length - 8, 8) + "`t" + $kbnumber + "`t" + $cdata[0] + "`t" + $cdata[1].Substring(0,4) + "`t" + $cdata[2] + "`t" + [regex]::Match($_.title, $parttern_title, ‘IgnoreCase‘) } } | Out-File -FilePath E:\PatchReport.csv -Append -Encoding unicode
时间: 2024-10-11 03:13:39