NTP Vulnerability Check Attribute for Casper

Recently, Apple released / pushed an NTP vulnerability fix to clients running 10.8.5, 10.9.5 and 10.10.1
Now what I found was some machines did the install automatically and others didn’t while having it listed in the available list of softwares.
To check if your mac is patched, Open Terminal and type: what /usr/sbin/ntpd

Screen Shot 2015-01-07 at 1.04.44 PM

On 10.8.5 –> Mountain Lion: ntp-77.1.1
On 10.9.5 –> Mavericks: ntp-88.1.1
On 10.10.1 –> Yosemite: ntp-92.5.1
* As of yet, 10.10.2 doesn’t have a patch since it’s still in beta.

Using Casper I wrote an attribute that let’s you identify which clients are not patched and will download and install the patch silently.
The code is available on my github.
Once you have setup the attribute in casper, create a smart group to identify clients with the attribute showing anything other than “Yes”.
At first you may find quiet a lot so keep in mind the collection is part of your inventory collection update which is usually once a day.
However you can always ssh into a client and do sudo jamf recon


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s