Scenario: Finding and fixing third-party software vulnerabilities

This section provides a scenario for finding and fixing vulnerabilities on the managed devices running Windows. You can find and fix software vulnerabilities in the operating system and in third-party software, including Microsoft software.

Prerequisites

• Kaspersky Security Center is deployed in your organization.
• There are managed devices running Windows in your organization.
• Internet connection is required for Administration Server to perform the following tasks:
  • To make a list of recommended fixes for vulnerabilities in Microsoft software. The list is created and regularly updated by Kaspersky specialists.
  • To fix vulnerabilities in third-part software other than Microsoft software.

Stages

Finding and fixing software vulnerabilities proceeds in stages:

1. Scanning for vulnerabilities in the software installed on the managed devices

   To find vulnerabilities in the software installed on the managed devices, run the Find vulnerabilities and required updates task. When this task is complete, Kaspersky Security Center receives the lists of detected vulnerabilities and required updates for the third-party software installed on the devices that you specified in the task properties.

   The Find vulnerabilities and required updates task is created automatically by Kaspersky Security Center quick start wizard. If you did not run the wizard, start it now or create the task manually.

   How-to instructions:

   • Administration Console: Scanning applications for vulnerabilities, Scheduling the Find vulnerabilities and required updates task
   • Kaspersky Security Center Web Console: Creating the Find vulnerabilities and required updates task, Find vulnerabilities and required updates task settings
2. Analyzing the list of detected software vulnerabilities

   View the Software vulnerabilities list and decide which vulnerabilities are to be fixed. To view detailed information about each vulnerability, click the vulnerability name in the list. For each vulnerability in the list, you can also view the statistics on the vulnerability on managed devices.

   How-to instructions:

   • Administration Console: Viewing information about software vulnerabilities, Viewing statistics of vulnerabilities on managed devices
   • Kaspersky Security Center Web Console: Viewing information about software vulnerabilities, Viewing statistics of vulnerabilities on managed devices
3. Configuring vulnerabilities fix

   When the software vulnerabilities are detected, you can fix the software vulnerabilities on the managed devices by using the Install required updates and fix vulnerabilities task or the Fix vulnerabilities task.

   The Install required updates and fix vulnerabilities task is used to update and fix vulnerabilities in third-party software, including Microsoft software, installed on the managed devices. This task allows you to install multiple updates and fix multiple vulnerabilities according to certain rules. Note that this task can be created only if you have the license for the Vulnerability and patch management feature. To fix software vulnerabilities the Install required updates and fix vulnerabilities task uses recommended software updates.

   The Fix vulnerabilities task does not require the license option for the Vulnerability and patch management feature. To use this task, you must manually specify user fixes for vulnerabilities in third-party software listed in the task settings. The Fix vulnerabilities task uses recommended fixes for Microsoft software and user fixes for third-party software.

   You can start Vulnerability fix wizard that creates one of these tasks automatically, or you can create one of these tasks manually.

   How-to instructions:

   • Administration Console: Selecting user fixes for vulnerabilities in third-party software, Fixing vulnerabilities in applications
   • Kaspersky Security Center Web Console: Selecting user fixes for vulnerabilities in third-party software, Fixing vulnerabilities in third-party software, Creating the Install required updates and fix vulnerabilities task
4. Scheduling the tasks

   To be sure that the vulnerabilities list is always up-to-date, schedule the Find vulnerabilities and required updates task to run it automatically from time to time. The recommended average frequency is once a week.

   If you have created the Install required updates and fix vulnerabilities task, you can schedule it to run with the same frequency as the Find vulnerabilities and required updates task or less often. When scheduling the Fix vulnerabilities task, note that you have to select fixes for Microsoft software or specify user fixes for third-party software every time before starting the task.

   When scheduling the tasks, make sure that a task to fix vulnerability starts after the Find vulnerabilities and required updates task is complete.

5. Ignoring software vulnerabilities (optional)

   If you want, you can ignore software vulnerabilities to be fixed on all managed devices or only on the selected managed devices.

   How-to instructions:

   • Administration Console: Ignoring software vulnerabilities
   • Kaspersky Security Center Web Console: Ignoring software vulnerabilities
6. Running a vulnerability fix task

   Start the Install required updates and fix vulnerabilities task or the Fix vulnerability task. When the task is complete, make sure that it has the Completed successfully status in the task list.

7. Create the report on results of fixing software vulnerabilities (optional)

   To view detailed statistics on the vulnerabilities fix, generate the Report on vulnerabilities. The report displays information about software vulnerabilities that are not fixed. Thus you can have an idea about finding and fixing vulnerabilities in third-party software, including Microsoft software, in your organization.

   How-to instructions:

   • Administration Console: Creating and viewing a report
   • Kaspersky Security Center Web Console: Generating and viewing a report
8. Checking configuration of finding and fixing vulnerabilities in third-party software

   Be sure that you have done the following:

   • Obtained and reviewed the list of software vulnerabilities on managed devices
   • Ignored software vulnerabilities if you wanted
   • Configured the task to fix vulnerabilities
   • Scheduled the tasks to find and to fix software vulnerabilities so that they start sequentially
   • Checked that the task to fix software vulnerabilities was run

Results

If you have created and configured the Install required updates and fix vulnerabilities task, the vulnerabilities are fixed on the managed devices automatically. When the task is run, it correlates the list of available software updates to the rules specified in the task settings. All software updates that meet the criteria in the rules will be downloaded to the Administration Server repository and will be installed to fix software vulnerabilities.

If you have created the Fix vulnerabilities task, only software vulnerabilities in Microsoft software are fixed.

See also: About third-party applications

Page top