[Windows] Windows Server 2016 registry state oval:org.cisecurity:ste:1519 is ambiguous

Question

[Windows] Windows Server 2016 registry state oval:org.cisecurity:ste:1519 is ambiguous

Chuck-Bohling opened this issue 5 years ago · 2 comments

ste:1519 is used to detect Windows Server 2016. Microsoft has the desktop version "Windows 10 Enterprise 2016 LTSB" which 1519 incorrectly identifies as Server 2016. The regex should probably be changed from "…*2016..." to "...*Server 2016...". That seems to work.

Answer 1 · 2019-07-17T23:55:43.000Z

Hi @Chuck-Bohling, thank you for this feedback.

@kemanik, it looks like you submitted the last substantive edit to this state:

Regular expressions were changed. Now they work on Hyper-V Servers.

Do you have any thoughts on this?

-David

Answer 2 · 2019-07-18T17:32:03.000Z

It looks like oval:org.cisecurity:ste:6571 will have the same problem. That state is used to detect Windows Server 2019. There's probably a Windows 10 enterprise version with the ProductName "Windows 10 Enterprise 2019 LTSB". That file was committed by @wmunyan.