• defensivedepth

    defensivedepth

    8 months ago
    windows_security_products
    (https://osquery.io/schema/5.0.1/#windows_security_products) no longer works after upgrading to v5. Just confirmed with a fresh install of 4.9.0, works as expected. Same system, install 5.0.1 and when I try to query the table, osqueryi exits.
    Faulting application name: osqueryi.exe, version: 5.0.1.0, time stamp: 0x6131a086
    Faulting module name: osqueryi.exe, version: 5.0.1.0, time stamp: 0x6131a086
    Exception code: 0xc0000005
    Fault offset: 0x00000000008e00f6
    Faulting process id: 0x24f8
    Faulting application start time: 0x01d7e52e0c77561a
    Faulting application path: C:\Program Files\osquery\osqueryi.exe
    Faulting module path: C:\Program Files\osquery\osqueryi.exe
    Report Id: 4087572f-a5c1-47e7-a1e5-496279fcf399
    Faulting package full name: 
    Faulting package-relative application ID:
  • s

    seph

    8 months ago
    I have not seen this. What OS is this? As I understand it, with the windows security center API isn’t present on all windows hosts. For example, it’s missing on windows server