This post has been republished via RSS; it originally appeared at: Microsoft Tech Community - Latest Blogs - .
Some CVEs may lack the required security updates for all or a subset of affected software, which prevents successful remediation efforts. Today, we are excited to announce that support and reporting on the availability of security updates for CVEs is now in public preview in Microsoft Defender Vulnerability Management.
This new feature will show security update availability information for each CVE and actively exclude software lacking updates from the recommendations tab. (Note: Before the introduction of this feature, CVEs missing security updates were not shown in the Defender Vulnerability Management portal. Once a customer enables this feature in public preview, these CVEs will be reported in the Inventory and Weaknesses pages.)
Below is a detailed overview of the new functionality.
Weaknesses page
Within the Weaknesses tab, there is a new “Update availability” column in the “Exposed devices” and “Related software” tabs of the CVE details pane.
Selecting on a CVE on the Weaknesses page will show CVEs tagged with one of the following tags:
- No security update – there are no security updates that remediate the vulnerability for any of the related software packages. This CVE will not appear in the Recommendations tab.
- Some updates available – security updates that fix the vulnerability are available only for a subset of all related software packages.
Device page
Update availability tags also appear in Tags column of the Discovered vulnerabilities tab in the device page.
Recommendations
Recommendations will include only devices and software packages for which security updates are available.
Advanced Hunting
A new column CveTags was added to table DeviceTvmSoftwareVulnerabilities. The column type is dynamic. The column value is an array of tags relevant to the CVE. The tags that are currently supported are “ZeroDay” and “NoSecurityUpdate”.
Export API
The export software vulnerabilities assessment API was extended to support CVEs with no security updates. A new Boolean field SecurityUpdateAvailable was added to response.
For more information on this feature, see Vulnerabilities in my organization.
Learn more & Get started
- Check out the latest announcement on Microsoft Defender Vulnerability Management, now in public preview.
- Sign up for public preview.
-
For customers interested in the full Defender Vulnerability Management solution, sign up here.
-
For Microsoft Defender for Endpoint Plan 2 customers interested in the Defender Vulnerability Management add-on, sign up here.
-
- To learn how to use Defender Vulnerability Management, visit aka.ms/MDVM and our documentation.