Automox Worklet: XP Patching

Legacy systems are a significant issue for security professionals. These systems usually utilize outdated technologies, which means updating them can be difficult. These systems are easy prey in the eyes of attackers. While Microsoft no longer supports Windows XP, they did release an emergency fix for a legacy Windows zero-day vulnerability. The fix addressed the wormable Windows exploit, known as BlueKeep and tracked under CVE-2019-0708. For situations like this, Automox has provided the instruction on how to deploy an emergency patch to update Windows XP via Automox Worklet. 

This manual process for deploying an emergency patch will decrease the time it takes to ensure your legacy machines are operating at lower risk to exploit.

Note: Automox cannot fully update Windows XP versions due to the lack of support for XP updates by Windows Update. Automox can manage software installation and patching, as well as configuration and security settings.

To run Automox on Windows XP, you must meet the following minimum requirements:

  • Microsoft .NET Framework 3.5 or higher
  • Windows PowerShell 2.0 or higher

Windows XP Required Prerequisites 

Automox Worklet: XP Patching

To deploy this endpoint hardening Worklet, do the following:

  1. Log in to your Automox Console.
  2. Navigate to the System Management page and click Create Policy in the upper right-hand section of the screen.
  3. Choose Windows under Worklet.

Screen Shot 2019-11-18 at 5.18.14 PM

4. Upload the KB file to the policy.

Screen Shot 2019-11-18 at 5.18.31 PM

5. Copy and paste the Evaluation and Remediation code scripts from below. Evaluation is optional if you’re going to execute manually. Here’s an example:


#Define KB Number and check for presence
$kbID = 'KB4500331'
$installed = Get-Hotfix -Id $kbID -ErrorAction SilentlyContinue
if ( $installed ) {
    #Compliant, so Exit 0 as success
    Exit 0
} else {
    #Non-Compliant, so Exit 1 as failure
     Exit 1
Screen Shot 2019-11-18 at 5.18.42 PM


#Enter the name of the file you uploaded
$fileName = "windowsxp-kb4500331-x86.exe"
#Launch the installer file and capture exit code to determine success
$installer = Start-Process -FilePath $fileName -ArgumentList "/quiet /passive /norestart" -Wait -PassThru
#Evaluate Exit Code for Success 0,1641,3010 are all considered successful
if ( $installer.ExitCode -in @('0','1641', '3010')) {
      Exit 0
} else { Exit 1 }

Screen Shot 2019-11-18 at 5.18.53 PM6. Click Create Worklet.

7. Assign Worklet to a group or multiple groups and click Save Changes.

Screen Shot 2019-11-18 at 5.19.03 PM

8. Execute the Worklet by clicking the Execute Policy Now button.

Screen Shot 2019-11-18 at 5.19.13 PM

Within minutes, the patch is installed on your XP devices.

Screen Shot 2019-11-18 at 5.19.34 PM

If you need technical assistance, contact our support team at

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure. 

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.

Get Instant Updates on Vulnerabilities

Subscribe to receive Automox vulnerability alerts

Reduce your threat surface by up to 80%

Make all of your corporate infrastructure more resilient by automating the basics of cyber hygiene.

Take 15 days to raise your security confidence!
Start a Free Trial