Hi all, 

a quick note how to prove the vulnerability to be attacked by WannaCry (LinktoBBC).
Of course you can check the KB or Package Numbers in your patch catalog (Single Patches) - you should do that as well. 

But to have a very quick check you can use the OVAL Scan with the CVE-Number.

And build yourself a report (break on 'CVE Number'):

SELECT MACHINE.NAME AS Computer,
       MACHINE.LAST_INVENTORY AS `Last Inventory`,
       OVAL_DEFINITION.SOURCE AS `CVE Number`
  FROM (OVAL_STATUS OVAL_STATUS
        INNER JOIN KBSYS.OVAL_DEFINITION OVAL_DEFINITION
           ON (OVAL_STATUS.OVAL_DEFINITION_ID = OVAL_DEFINITION.ID))
       INNER JOIN MACHINE MACHINE
          ON (OVAL_STATUS.MACHINE_ID = MACHINE.ID)
 WHERE (    OVAL_STATUS.RESULT = 'VULNERABLE'
        AND OVAL_DEFINITION.SOURCE IN ('CVE-2017-0143',
                                       'CVE-2017-0144',
                                       'CVE-2017-0145',
                                       'CVE-2017-0146',
                                       'CVE-2017-0147',
                                       'CVE-2017-0148'))
ORDER BY Computer ASC, `CVE Number` ASC




Hope i could help :)

Timo