I have tried to search for different ways of finding all machines that are under “Extended Support” that are missing from the view of “Obsolete OS’” and I am not having a great way of validating what is being considered “Extended Support” across the spectrum of OS’. I know there are reg values that is flagging Windows machines, but i would like a master list of those if i can. Do others out there need to validate what is Extended Support and provide that info to managers in order to know what systems are able to be avoided for version upgrades that software is not approved for? Perhaps everyone is just using a different solution for this, but i figure if Rapid7 can in fact detect “Extended Support” that would be a thing we can specifically target, but I am stuck. HALP YA’LL, IM STUCK
I just went through a similar exercise, but it was all manual.
I’m not aware if R7 can determine between extended support vs not, but would also be interested in more details.
Maybe you can pull a list of all assets/operating systems where the vulnerability category = ‘Obsolete OS’ and then compare it to the list of assets where the vulnerability category <> ‘Obsolete OS’. If there are assets with the same operating system within the first list (vulnerability category = ‘Obsolete OS’), that might mean it is under extended support.
This is skethcy logic and assumes R7 is able to determine ES.