Patch Intel, Unlocked: The Windows Version Feed Project


Mission Objective
Wrangle Windows patching like a pro.
We built a feed that fuses build numbers, KB updates, and CVE mappings into a machine-readable toolkit.
No more scattered docs, vendor silos, or stale spreadsheets.
Gear Check
What’s inside the feed:
windows-versions.json
– latest builds by release channel and editionCVE_KB_Mapping_YYYY-MMM.json
– KB-to-CVE maps for each patch cyclegenerate_os_cve_data.ps1
– PowerShell automation to generate and update the feeds
Also includes:
- GitHub Actions to auto-update monthly data
- Lightweight design for easy integration into dashboards, scripts, or threat models
The Grind
Windows patch tracking sucks. Here's why:
- Microsoft's docs scatter info across multiple sites
- Security teams want CVE mapping; infra teams want KBs
- None of it is version-controlled or cleanly structured
We fixed that.
Our PowerShell script pulls official build data, scrapes CVE–KB links, and assembles a structured JSON feed—reusable in CI/CD, Power BI, or your own patch pipelines.
Sample Use Cases
- 🔍 Cross-reference CrowdStrike Spotlight data with KBs
- 📊 Build a dashboard showing patch cadence or stale machines
- 🧩 Tie OS versions to Azure Update Manager compliance reports
- 📅 Track monthly patch drop timelines (especially pre–Patch Tuesday)
Field Notes
- We're not replacing Microsoft’s docs—we're weaponizing them.
- Feeds are auto-generated but easy to override if you need custom cuts.
- We plan to extend support for legacy OSes and EOL branches.
Want to contribute?
Open a PR or log an issue. This repo is for the patch nerds, the sysadmins, the ones who still hand-check the KB list at 6am on Patch Tuesday.
Repo: https://github.com/ZentrixLabs/windows-version-feed
License: MIT
Author: ZentrixLabs – building sysadmin-first tools in the dark, with neon.
Subscribe to my newsletter
Read articles from Mike Becker directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
