Some more valuable comments from OVAL Board member Bill Wall of Harris
(thanks again, Bill!).
Thanks,
Tiffany
Microsoft Technical Lead, MITRE's OVAL Team
-------- Original Message --------
Subject: RE: [OVAL-DISCUSSION-LIST] OVAL queries for Microsoft
vulnerabilities
Date: Wed, 26 Mar 2003 10:21:53 -0500
From: "Wall, William (wwall)" <
wwall@...>
To: "'Tiffany Bergeron'" <
tab@...>
Tiffany,
Final observation.
If someone uses the
HKLM\System\CurrentControlSet\Cotrol\Windows\CSDVersion
value, always measure
the hex value and add 00 to get the service pack number.
In other words, if you have Service Pack 1, the hex value will be 100
(decimal
256).
If you are using Service Pack 2, the hex value will be 200 (decimal 512)
Service Pack hex decimal
SP 1 100 256
SP 2 200 512
SP 3 300 768
SP 4 400 1024
SP 5 500 1280
SP 6 600 1536
If no CSDVersion value in the registry, then no service pack (CSDVersion
is not
there by default)
Bill
