Threat actors may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Threat actors may use this information to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions. This behavior is distinct from Local Storage Discovery which is Threat actors's discovery of local drive, disks and/or volumes.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.