Scenario: Finding and fixing software vulnerabilities
Oct 23, 2023
This section provides a scenario for finding and fixing vulnerabilities on the managed devices running Windows. You can find and fix software vulnerabilities in the operating system and in third-party software, including Microsoft software.
- Kaspersky Security Center Cloud Console is deployed in your organization.
- There are managed devices running Windows in your organization.
Finding and fixing software vulnerabilities proceeds in stages:
- Scanning for vulnerabilities in the software installed on the client devices
To find vulnerabilities in the software installed on the managed devices, run the Find vulnerabilities and required updates task. When this task is complete, Kaspersky Security Center Cloud Console receives the lists of detected vulnerabilities and required updates for the third-party software installed on the devices that you specified in the task properties.
The Find vulnerabilities and required updates task is created automatically by Kaspersky Security Center Cloud Console quick start wizard. If you did not run the wizard, start it now or create the task manually.
How-to instructions: Creating the Find vulnerabilities and required updates task
- Analyzing the list of detected software vulnerabilities
View the Software vulnerabilities list and decide which vulnerabilities are to be fixed. To view detailed information about each vulnerability, click the vulnerability name in the list. For each vulnerability in the list, you can also view the statistics on the vulnerability on managed devices.
- Configuring vulnerabilities fix
When the software vulnerabilities are detected, you can fix the software vulnerabilities on the managed devices by using the Install required updates and fix vulnerabilities task or the Fix vulnerabilities task.
The Install required updates and fix vulnerabilities task is used to update and fix vulnerabilities in third-party software, including Microsoft software, installed on the managed devices. This task enables you to install multiple updates and fix multiple vulnerabilities according to certain rules. Availability of this task depends on the Kaspersky Security Center Cloud Console mode and your current license. To fix software vulnerabilities, the Install required updates and fix vulnerabilities task uses recommended software updates.
The Fix vulnerabilities task uses recommended fixes for Microsoft software.
You can start Vulnerability fix wizard that creates one of these tasks automatically, or you can create one of these tasks manually.
- Scheduling the tasks
To be sure that the vulnerabilities list is always up-to-date, schedule the Find vulnerabilities and required updates task to run it automatically from time to time. The recommended average frequency is once a week.
If you have created the Install required updates and fix vulnerabilities task, you can schedule it to run with the same frequency as the Find vulnerabilities and required updates task or less often. When scheduling the Fix vulnerabilities task, note that you have to select fixes for Microsoft software every time before starting the task.
When scheduling the tasks, make sure that a task to fix vulnerability starts after the Find vulnerabilities and required updates task is complete.
- Ignoring software vulnerabilities (optional)
If you want, you can ignore software vulnerabilities to be fixed on all managed devices or only on the selected managed devices.
How-to instructions: Ignoring software vulnerabilities
- Running a vulnerability fix task
Start the Install required updates and fix vulnerabilities task or the Fix vulnerabilities task. After the task is complete, make sure that it has the Completed successfully status in the task list.
- Create the report on results of fixing software vulnerabilities (optional)
To view detailed statistics on the vulnerabilities fix, generate the Report on vulnerabilities. The report displays information about software vulnerabilities that are not fixed. Thus you can have an idea about finding and fixing vulnerabilities in third-party software, including Microsoft software, in your organization.
How-to instructions: Generating and viewing a report
- Checking configuration of finding and fixing vulnerabilities in third-party software
Make sure of the following:
- The list of software vulnerabilities on managed devices is not empty.
- A task to fix vulnerabilities is in the task list.
- The tasks to find and to fix software vulnerabilities are scheduled so that they start sequentially. View the properties of these tasks and compare their schedule.
- The task to fix software vulnerabilities was successfully completed. View information on the Results tab of the task properties window.
If you have created and configured the Install required updates and fix vulnerabilities task, the vulnerabilities are fixed on the managed devices automatically. When the task is run, it correlates the list of available software updates to the rules specified in the task settings. All software updates that meet the criteria in the rules will be downloaded to the repositories of distribution points and will be installed to fix software vulnerabilities.
If you have created the Fix vulnerabilities task, only software vulnerabilities in Microsoft software are fixed.