Jump to content

New Vulnerability Management Flagging Wrong OS and Unapplicable CVEs


Recommended Posts

We were able to apply the license and then create the policy under the Common Features policy to get this enabled.  We have noticed that at least two PCs running Windows 11 Pro 22H2 are being flagged as Microsoft Windows 10 Pro 22H2.  It shows a significant number of vulnerabilities, when checking on many of them, it appears that it is only flagging because it doesn't see the Windows 10 KB installed.  When trying to install applicable patches/rollups for Windows 11 to address the vulnerability, it is already installed.  The PCs are both current on the latest Monthly Rollups, so likely have few known Windows-related vulnerabilities. 

I suspect its mechanism of determining what OS for vulnerabilities is just looking at 22H2 and not taking into account there are versions for Windows 10 and 11 that have the same version.  In the computer details, both PCs are identified correctly in the Cloud Console as Windows 11 Pro 22H2.

Link to comment
Share on other sites

I unactivated the license and re-activated it, appeared to help reduce the numbers so far (still have a couple on one of the PCs), but I think its still working on scanning for vulnerabilities, so not sure if they will re-add at some point. 

Link to comment
Share on other sites

I can confirm I am seeing the same behavior. Win 11 systems are detected as Win 10. Patches are up to date but vulnerabilities patched in this month's updates are shown as missing. 

Link to comment
Share on other sites

I have found applying the Google Chrome and Microsoft Edge patches don't appear to actually apply.  I no longer have the false positives with the Windows 11 machines, so I guess my deactivate/reactivate issue fixes it.  On the PCs we forced the update on, it had to reboot them.  I am hoping it will auto update and not need reboots on the others, but time will tell.

Link to comment
Share on other sites

Today, Monday 24 July, everything looks correct. I haven't made any changes, so thanks for fixing that ESET.

Link to comment
Share on other sites

We have seen that fixed as well.  So far we haven't had any success with the patch management upgrade at all.  Edge, Chrome, Adobe Acrobat DC, Teamviewer.  None look like they actually update anything yet when kicking out the upgrade. Not sure if it's an issue with the application being local to the profile vs the PC or not.

Link to comment
Share on other sites

  • 2 weeks later...

are having the win 10 vulnerabilities showing for win11 pcs as well. Disable/Re-enable didnt fix it so far.

 

In addition. Patch List is still showing a patch for software on a PC for which I deinstalled the software last week. At least the corresponding vulnerability disappeared... in the computer -> details -> installed software it is not showing up anymore too.

 

It seems just patch list doesnt seem to get updated...

Edited by remosito
Link to comment
Share on other sites

The vulnerabilities showing because Win 11 was identified as Win 10 was fixed until today. Today all my Win 11 machines are shown as Win 10 and a list of vulnerabilities. 

Link to comment
Share on other sites

the misidentified as win10 of our win11 pc vulnerabilities have disappeared now.

 

The patch list is still showing a patch for software on a machine for which that sw actually got deinstalled a couple of weeks ago. 

Link to comment
Share on other sites

We are just starting to roll out eSet, so only getting more PCs with other applications that have patches available now.  Almost all the patches we try to roll out from the console don't really appear to work.  So far only Fox IT reader has upgraded and went away.  Libre Office, Firefox, Zoom, Teamviewer, Chrome/Edge, etc. do not seem to work.  I suspect most of those are installed in profile, but not sure about LibreOffice though being installed like that.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...