script to stop/disable spooler service on all servers not required in regards to Print Spooler Vulnerability

 

script to stop/disable spooler service on all servers not required

regarding the Print Nightmare vulnerability,  I have deal with all 226 sql servers and 12 oracle servers on windows, so resue one of my ps script to stop /disable spooler service on all servers. this also helps to disable spooler on some of other 10000+ windows machines we have. 


Windows Print Spooler Remote Code Execution Vulnerability

 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527 

step1, create a list of servers to change in text file with one servername in a line, saved it toc:\sql\serverlist0.txt


step 2. copy below script to power script ISE

step 3. run it, see screenshot

$service = "Spooler"



$text=Get-Content C:\sql\serverlist0.txt
$TotalComputers=$text.Length
write-host "the total number of computers is $TotalComputers"
For ($i=0; $i -lt $text.Length; $i++) {
$Computer= $text[$i]
Write-Host "Working on $Computer"
if(!(Test-Connection -ComputerName $Computer -Count 1 -quiet)) {
Write-Warning "$computer : Offline"
Continue
}
try {
$ServiceObject = Get-WMIObject -Class Win32_Service -ComputerName $Computer -Filter "Name='$service'" -EA Stop
if(!$ServiceObject) {
Write-Warning "$Computer : No service found with the name $service"
Continue
}
if($ServiceObject.StartMode -eq "Disabled") {
Write-Warning "$Computer : Service with the name $service already in disabled state"
# Continue
}
Set-Service -ComputerName $Computer -Name $service -EA Stop -StartMode Disabled
Write-Host "$Computer : Successfully disabled the service $service. Trying to stop it"
if($ServiceObject.state -ne "Running") {
Write-Warning "$Computer : $service already in stopped state"
Continue
}
$retval = $ServiceObject.StopService()
if($retval.ReturnValue -ne 0) {
Write-Warning "$Computer : Failed to stop service. Return value is $($retval.ReturnValue)"
Continue
}
Write-Host "$Computer : Stopped service successfully"
} catch {
Write-Warning "$computer : Failed to query $service. Details : $_"
Continue
}


#sample serverlist0.txt
sampleServerName1
sampleServerName2
sampleServerName3



Comments

Post a Comment

Popular posts from this blog

Sysaux tablespace is too big

Image
 today I received my report alert regarding one of Oracle database tablespace SYSAUX is over 80% (I created automated job using SSIS package to check tablespace usage daily) following steps to resolve it:  /*  2021.07.08  Documentation steps for troubleshooting Sysaux tablespace is huge --85% full  */   ---1. see what uses the most select occupant_name,occupant_desc, space_usage_kbytes/1024 MB from v$sysaux_occupants where space_usage_kbytes > 0 order by space_usage_kbytes desc; ---find it is SM/Advisor Server Manageability - Advisor Framework 25GB --now look for top 10 big objects   select * from (                select bytes/1024/1024 MB, blocks, s.SEGMENT_NAME, s.partition_name, s.segment_type, s.tablespace_name                  from dba_segments s                 where owner='SYS'              order by bytes desc ) where rownum <=10 ; ---find it is WRI$_ADV_OBJECTS having 13GB and 1.7 million blocks --now check how many objects in dba_advisor_objects  select task_name
Read more
 Recently, moved most of my scripts to github, most for private repo for now, starting to extract general scripts and posted in    General DBA tips (zhoutransform.github.io)  https://zhoutransform.github.io/GeneralDBA/ 
Read more

patching Oracle Database 12.2.0.1 Release Update & Release Update Revision January 2021 Critical Issues (Doc ID 2725763.1)

Image
 1 Determine current patch level D:\oracle\product\12.2.0\dbhome_1\OPatch>opatch lsinventory -patch -detail Oracle Interim Patch Installer version 12.2.0.1.6 Copyright (c) 2021, Oracle Corporation.  All rights reserved. Oracle Home       : D:\oracle\product\12.2.0\dbhome_1 Central Inventory : C:\Program Files\Oracle\Inventory    from           : OPatch version    : 12.2.0.1.6 OUI version       : 12.2.0.1.4 Log file location : D:\oracle\product\12.2.0\dbhome_1\cfgtoollogs\opatch\opatch2021-07-09_12-46-58PM_1.log Lsinventory Output file location : D:\oracle\product\12.2.0\dbhome_1\cfgtoollogs\opatch\lsinv\lsinventory2021-07-09_12-46-58PM.txt -------------------------------------------------------------------------------- Local Machine Information:: Hostname: xxxx ARU platform id: 233 ARU platform description:: Microsoft Windows (64-bit AMD) There are no Interim patches installed in this Oracle Home. -------------------------------------------------------------------------------- OPa
Read more