home.social

#wmic — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #wmic, aggregated by home.social.

  1. Wow, Microsoft is removing #WMIC from Windows!
    But they aren't removing the underlying WMI framework, so threat actors will have to use PowerShell to access WMI.

    I'm not sure this will have a significant impact on what Threat Actors do with WMI, however, it'll at least force a Threat Actor to use PowerShell where there is better built-in visibility (if it's enabled), compared to WMIC.

    🔗 techcommunity.microsoft.com/bl

    #IncidentResponse #ThreatDetection #ThreatIntel #CSIRT #CERT

  2. Just learned recently that you can read & write #Dell #BIOS settings natively in Windows on 2018 & later commercial models using #WMI (using either the old #WMIC or #PowerShell: dl.dell.com/manuals/common/del )