One of the most difficult tasks in information security is patch management. SecurityCenter customers have an advantage over other IT professionals; this series of reports can help IT professionals understand the true state of Microsoft patch management. Monitoring the application of Microsoft Security Bulletin patches can be extremely difficult if an organization is not continuously scanning the environment with credentialed scans. Using SecurityCenter’s ability to use Microsoft Bulletin IDs in combination with mitigation data and current vulnerability data allows for a much clearer picture. These reports will allow for a detailed view of missing Microsoft patches.
The report is available in the SecurityCenter Feed, an app store of dashboards, reports, and assets. The report can be easily located in the SecurityCenter Feed by selecting category Monitoring, and then selecting tags Microsoft and patch level. The report requirements are:
- SecurityCenter 4.8.1
- Nessus 5.2.7
- PVS 4.0.2
The five reports in this series are:
- Tracking Microsoft Security Bulletins Detailed Report
- Tracking Microsoft Security Bulletins Detailed Report (1999 - 2003)
- Tracking Microsoft Security Bulletins Detailed Report (2004 - 2008)
- Tracking Microsoft Security Bulletins Detailed Report (2009 - 2013)
- Tracking Microsoft Security Bulletins Detailed Report (2014 - 2018)
The first report groups information for all years (1999-2018) into a single report. The first chapter is an executive summary and provides an overview of Microsoft patch deployments. The remaining four chapters each contain results from a 5-year period; for each chapter, results are combined using the Microsoft Bulletin ID filter feature. Multiple years can be added to a filter by using a comma as the delimiter. For example, ‘MS09,MS10’ would search for Microsoft Bulletins released in 2009 and 2010. The other four reports focus on specific 5-year periods. Each of these reports contains an executive summary and a chapter for each of the individual years covered by the report.
The executive summary contains components that report on all currently missing Microsoft patches, those patches that have been missing for more than 30 days, and the patches that have been applied. Additionally, there is a trend graph showing an analysis of how patch management has been maintained over the preceding three months. The bulletin detail chapters provide a bar chart summarizing the relevant Microsoft security bulletins for that year, and an iterator of all vulnerable systems and details of the applicable bulletins.