By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

A program called Windows Exploit Suggester - Next Generation, or WES-NG, has been released that will list the known vulnerabilities affecting a Windows installation, any exploits that are available, and what security updates are needed to patch the bugs. WES-NG was created by security researcher Arris Huijgen, who based his project off the Windows-Exploit-Suggester program that was originally released in 2014 by GDS Security, now known as AON Security. The original program stopped working when Microsoft stopped updating its Microsoft Security Bulletin Data Excel file and switched to the Microsoft Security Response Center API. This program works by comparing a Windows SystemInfo report with a downloaded CSV file of known vulnerabilities and their associated security updates. Using this data, Windows Exploit Suggester will display a report showing all of the unpatched vulnerabilities found on the computer and their respective CVE IDs, Microsoft knowledge base article numbers, and a link to any known exploits for that vulnerability. According to the project's description, every version of Windows between Windows XP and Windows 10, including the Windows Server counterparts, is supported. For those who want to focus on specific vulnerabilities and filter out the rest, users can utilize the --hide flag to specify those vulnerabilities that should be filtered. For example, to filter out Edge vulnerabilities you can use the systeminfo.txt --hide Edge command. For more refer to OUR FORUM.