Saturday, October 22, 2022

Vulnerability Management - What is a Superseded Patch?

Ever encountered a situation where your platform team applied the latest patch, yet your scanner still flagged older patches on that system? Hang on! Don't panic. Most probably it is due to the setting "Show missing patches that have been superseded".

A superseded patch is a patch that does not need to be installed because a later patch is available that will correct the same vulnerability.

A typical example is a service pack, which bundles many other patches that have been released before the service pack. If the service pack is installed on a host, earlier patches usually do not need to be installed.

You can enable or disable it in the scan policy or report template. When enabled, reports show previous patches along with the patch that supersedes them. This helps you analyze patch history, and you can ask your platform teams questions such as: Why is the server not receiving regular patches? Is the server properly onboarded in the patching tool? Is there a connectivity issue between the server and the patching tool? When disabled, the report directly shows the latest patch, which supersedes the previous month's patch(es).
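An added example, not from the original post or from any scanner vendor: a simplified Python model of the two report modes described above, including chains where one patch supersedes another that itself supersedes an older one. The patch IDs and the supersedence map are constructed, and the rule that a patch is hidden only when a newer superseding patch is also missing is an assumption of this model.

```python
# Constructed sample data: patch IDs and the supersedence map are illustrative,
# not real KB numbers. Each patch maps to the patch that directly replaces it.
SUPERSEDED_BY = {
    "PATCH-2022-08": "PATCH-2022-09",
    "PATCH-2022-09": "PATCH-2022-10",
    "PATCH-HOTFIX-A": "PATCH-2022-09",
}

def superseding_chain(patch, superseded_by=SUPERSEDED_BY):
    """Return every later patch that replaces `patch`, oldest first."""
    chain, seen = [], {patch}
    nxt = superseded_by.get(patch)
    while nxt is not None and nxt not in seen:  # guard against cyclic data
        chain.append(nxt)
        seen.add(nxt)
        nxt = superseded_by.get(nxt)
    return chain

def report(missing, show_superseded, superseded_by=SUPERSEDED_BY):
    """Model the report for one host (assumed behaviour, see lead-in).

    missing: patch IDs the scanner found missing on the host.
    show_superseded=True  -> every missing patch, each mapped to the newest
                             missing patch that supersedes it (or None).
    show_superseded=False -> only missing patches that no other missing
                             patch supersedes.
    """
    missing = set(missing)
    rows = {}
    for patch in sorted(missing):
        later = [p for p in superseding_chain(patch, superseded_by) if p in missing]
        if later and not show_superseded:
            continue  # hidden: a newer missing patch fixes the same issue
        rows[patch] = later[-1] if later else None
    return rows

if __name__ == "__main__":
    host_missing = ["PATCH-2022-08", "PATCH-2022-09", "PATCH-2022-10",
                    "PATCH-HOTFIX-A", "PATCH-OTHER"]
    for setting in (True, False):
        print("show superseded =", setting)
        for patch, newest in report(host_missing, setting).items():
            print("  ", patch, "(superseded by %s)" % newest if newest else "")
```

With the setting enabled, the three older entries in the output show how many patch cycles the host has skipped; with it disabled, only the patches that actually need installing remain.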

So, how do you determine whether a patch supersedes another one (or several)? For Windows OSes, please refer to https://www.catalog.update.microsoft.com/Home.aspx.

Also, please refer to the link below for more information:

https://tenable.force.com/s/article/Show-missing-patches-that-have-been-superseded-Enabled-vs-Disabled


Happy Learning!!
