Is there a way to get the KB number and tie it to an MS bulletin number? This way we can get a more accurate view of where we stand patch wise. Currently, I am only able to see that X need the patch out of Y systems but this is not an accurate count since some of the patches dont apply to the system (different installed softwares).
ideally we would be able to query the installed list of patches analysis and compare against the enterprise security list needing the patch.
Is there a way to get the KB number and tie it to an MS bulletin number? This way we can get a more accurate view of where we stand patch wise. Currently, I am only able to see that X need the patch out of Y systems but this is not an accurate count since some of the patches dont apply to the system (different installed softwares).
ideally we would be able to query the installed list of patches analysis and compare against the enterprise security list needing the patch.
I’m not really sure what you’re asking, but all of the fixlets in the Enterprise Security site have a “Source ID” property that relates to the relevant Microsoft knowledgebase Q-article number.
Basically, what i have right now from the web reports and console is a report which tells me something similar to below. this appears to be true since only 100 systems need it but in fact is not true. The “Total number of systems” query takes into account Windows XP, 2k3 , Macs, and unix boxes. So in effect my % unpatched is much higher for this particular vulnerability.
===============
Vulnerability
MS05-017: Vulnerability in Message Queuing Could Allow Code Execution - Windows 2000
Applicable Systems
100
Total number of systems
5917
% unpatched
1.69
===============
Something similiar to what I am trying to get to is as follows.
===============
Vulnerability
MS05-017: Vulnerability in Message Queuing Could Allow Code Execution - Windows 2000
Applicable Unpatched Systems
100
Total applicable systems
1946
Systems patch does not apply
3971
Total number of systems
5917
% unpatched
5.1%
===============
I figured i could use the patches installed analysis (which tells the KB number) but it appears I cannot access that through the web qna.