Microsoft Patch Trending by Year

by Ron Gula
June 20, 2011


This dashboard trends missing Microsoft patches in a variety of tables and trend lines. 

This dashboard leverages SecurityCenter's ability to filter vulnerabilities based on the associated missing patch from Microsoft. 

The two charts on the left and right leverage the "MS Bulletin Summary" tool as well as filter for Microsoft missing patches that contain the strings MS12, MS11, MS10 and MS09 which correspond to the years 2012, 2011, 2010 and 2009 respectively. The combination of these filters and tools results in a list of the top 10 missing Microsoft patches for each year. 

Similarly, a trend component which displays the number of Microsoft specific vulnerabilities found from 2009, 2010, 2011 and 2012 is displayed. Text filters of "MS09", "MS10", "MS11" and "MS12" for missing Microsoft patches are used to match on vulnerabilities from those years. If your organization has been collecting data longer than a few weeks, you should consider expanding the time-frame of this graph from 25 days to 50 or more days. 

Finally, an Active Matrix component is used to display a count of total systems that have missing Microsoft patches with high and medium severity ratings, and CVSS scores of 10. 

Further customization of this dashboard could include IP address listings or tables with assets and their counts of missing Microsoft patches. 

Compliance Regulations

  • Payment Card Industry Data Security Standards (PCI DSS) - 6.1
  • SANS Consensus Audit Guidelines - 10 Continuous Vulnerability Assessment and Remediation
  • FISMA - RA-3 (a, b, c, d), RA-5 (a, b, 1, 2, 5, 6)