Check Internet Explorer version

Objective:

According to Microsoft announcement: Support for older versions of Internet Explorer ended on January 12th, 2016, you should verify you Windows systems to the latest Microsoft Support Lifecycle statements.

ie

Solutions

With Nessus you can use plugin 72367 to determine which version of Internet Explorer is installed.

If you don’t use Nessus you can query the following registry key:
HKLM\SOFTWARE\Microsoft\Internet Explorer\svcVersion

If the svcVersion key does not exists (versions of Internet Explorer 9 and below) check the version key.

Windows commandline:

C:\>reg query "HKLM\Software\Microsoft\Internet Explorer" /v svcVersion
 
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer
    svcVersion    REG_SZ    11.63.10586.0

Powershell:

 (Get-ItemProperty "HKLM:\Software\Microsoft\Internet Explorer").svcVersion
11.0.9600.18163

Many internet sources note that querying the registry to determine IE version leads to false positives. As an alternative we can do a file version check on iexplore.exe

Powershell:

((get-item "C:\Program Files\Internet Explorer\iexplore.exe").versioninfo).Fileversion
11.00.10586.0 (th2_release.151029-1700)

Sample Nessus Auditfile check registry key

<check_type: "Windows" version:"2">
<group_policy: "MS Windows Server">
 
## Windows Server 2012 
<if>
<condition type: "AND">
<custom_item>
type : REGISTRY_SETTING
description: "W2K1200001:Windows Server 2012 is installed:W2K12"
info : "This check determines if Windows Server 2012 is installed."
value_type : POLICY_TEXT
reg_key : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
reg_item : "ProductName"
value_data : "^[a-zA-Z0-9\(\)\s]*2012[a-zA-Z0-9\-\(\)\s]*$"
check_type : CHECK_REGEX
</custom_item>
<custom_item>
type : REGISTRY_SETTING
description: "W2K1200002:Windows Server 2012 is installed:W2K12"
info : "This check determines the version of Windows Server"
value_type : POLICY_TEXT
reg_key : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
reg_item : "CurrentVersion"
value_data : "6.2" 
 check_type : CHECK_REGEX
</custom_item>
</condition>
<then>
<custom_item>
 type: REGISTRY_SETTING
 description: "Running supported version of Internet Explorer"
 reg_key: "HKLM\SOFTWARE\Microsoft\Internet Explorer"
 value_type: POLICY_TEXT
 reg_item: "svcVersion"
 value_data: "^10.*"
 check_type : CHECK_REGEX
</custom_item>
</then>
</if>
 
 </group_policy>
</check_type>

Sample Nessus Auditfile check fileversion

<check_type: "Windows" version:"2">
<group_policy: "MS Windows Server">
 
<if>
<condition type: "AND">
<custom_item>
type : REGISTRY_SETTING
description: "W2K1200001:Windows Server 2012 is installed:W2K12"
info : "This check determines if Windows Server 2012 is installed."
value_type : POLICY_TEXT
reg_key : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
reg_item : "ProductName"
value_data : "^[a-zA-Z0-9\(\)\s]*2012[a-zA-Z0-9\-\(\)\s]*$"
check_type : CHECK_REGEX
</custom_item>
<custom_item>
type : REGISTRY_SETTING
description: "W2K1200002:Windows Server 2012 is installed:W2K12"
info : "This check determines the version of Windows Server"
value_type : POLICY_TEXT
reg_key : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
reg_item : "CurrentVersion"
value_data : "6.2" 
 check_type : CHECK_REGEX
</custom_item>
</condition>
<then>
<custom_item>
type: FILE_VERSION
description: "Filever C:\Program Files\Internet Explorer\iexplore.exe"
value_type: POLICY_FILE_VERSION
value_data: "10.0.0.0"
file: "C:\Program Files\Internet Explorer\iexplore.exe"
check_type: CHECK_GREATER_THAN_OR_EQUAL
</custom_item>
</then>
</if>
 
 </group_policy>
</check_type>