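<#
    .SYNOPSIS
        CVE Detection - CVE-2023-35628
    .DESCRIPTION
        This script checks whether the Microsoft Outlook or Microsoft Outlook for Windows apps are installed and then checks whether the December 2023 cumulative update has been installed patching for CVE-2023-35628.

        The installed OS version is compared against a table of minimum patched builds. The update build revision (the fourth version component) is read from the UBR registry value, because [System.Environment]::OSVersion does not carry it on Windows 10 and later.
    .NOTES
        2023-12-14: Initial version
    .LINK
        Blog post: https://homotechsual.dev/2023/03/15/CVE-Monitoring-NinjaOne/
#>
[CmdletBinding()]
param ()

# Prepare variables and data sources.
# Each entry is the lowest Major.Minor.Build.Revision that the script treats as
# patched for that OS build.
$MinimumOSBuilds = [System.Collections.Generic.List[version]]@(
    '6.3.9600.21715',
    '6.2.9200.24614',
    '6.1.7601.26864',
    '10.0.25398.584',
    '10.0.22631.2861',
    '10.0.22621.2861',
    '10.0.22000.2652',
    '10.0.20348.2159',
    '10.0.20348.2144',
    '10.0.19045.3803',
    '10.0.19041.3803',
    '10.0.17763.5206',
    '10.0.14393.6529',
    '10.0.10240.20345'
)

# Outlook presence is a heuristic: any one of the COM class registration, a
# desktop OUTLOOK.EXE under "Program Files*", or the new Outlook Appx package
# counts as "probably installed".
$OutlookClassesPresent = (Get-ItemProperty HKLM:\SOFTWARE\Classes\Outlook.Application -ErrorAction SilentlyContinue)
$OutlookDesktopInstalled = (Get-Item -Path (Join-Path -Path $ENV:SystemDrive -ChildPath 'Program Files*\Microsoft Office\root\Office*\OUTLOOK.EXE') -ErrorAction SilentlyContinue)
$OutlookNewInstalled = (Get-AppxPackage -AllUsers -Name 'Microsoft.OutlookForWindows' -ErrorAction SilentlyContinue)

if ((-not $OutlookClassesPresent) -and (-not $OutlookDesktopInstalled) -and (-not $OutlookNewInstalled)) {
    Write-Output 'Outlook is probably not installed.'
    Ninja-Property-Set CVE202335628 0
    return
} else {
    Write-Warning 'Outlook is probably installed. Checking for CVE-2023-35628 patch.'
}

$OSVersion = [System.Environment]::OSVersion.Version
$OSMajorMinorBuild = [Version]('{0}.{1}.{2}' -f $OSVersion.Major, $OSVersion.Minor, $OSVersion.Build)

# [System.Environment]::OSVersion reports Revision 0 on Windows 10 and later, so
# comparing it with the table can never show a missing update. The installed
# update revision is taken from the UBR registry value instead.
$UpdateRevision = (Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' -ErrorAction SilentlyContinue).UBR
if ($null -ne $UpdateRevision) {
    $InstalledOSVersion = [Version]('{0}.{1}.{2}.{3}' -f $OSVersion.Major, $OSVersion.Minor, $OSVersion.Build, $UpdateRevision)
} else {
    # Without the revision a verdict would be a guess; leave the status undetermined.
    Write-Warning 'Could not read the update build revision (UBR) from the registry.'
    $InstalledOSVersion = $null
}

# Only table entries for the running OS build are relevant.
$BuildsToTest = $MinimumOSBuilds | Where-Object { ($_ -ge $OSMajorMinorBuild) -and ($_.Build -eq $OSMajorMinorBuild.Build) }

# $null means "not determined"; it stays $null when no table entry matches the
# running build or the revision could not be read.
$Vulnerable = $null
if ($null -ne $InstalledOSVersion) {
    # When a build has more than one entry (10.0.20348), the last one listed
    # decides, as in the original loop. NOTE(review): confirm that the lower of
    # the two revisions is the intended threshold.
    foreach ($Build in $BuildsToTest) {
        # Vulnerable when the installed version is BELOW the minimum patched build.
        if ($InstalledOSVersion -lt $Build) {
            # The line break inside this message is kept as it appears in the script.
            Write-Warning ('Minimum OS build requirement not met. 
Minimum OS build: {0}' -f $Build)
            $Vulnerable = $true
        } else {
            Write-Output ('Minimum OS build requirement met. Minimum OS build: {0}' -f $Build)
            $Vulnerable = $false
        }
    }
}

if ($true -eq $Vulnerable) {
    Write-Warning 'Vulnerable to CVE-2023-35628'
    Ninja-Property-Set CVE202335628 1
} elseif ($false -eq $Vulnerable) {
    Write-Output 'Not vulnerable to CVE-2023-35628'
    Ninja-Property-Set CVE202335628 0
} else {
    # The custom field is not written on this path, so whatever value it held
    # before remains. NOTE(review): consider whether monitoring should treat an
    # undetermined result as its own state.
    Write-Warning 'Could not determine vulnerability status.'
}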