Vulnerabilities list to display resolvable vulnerabilities only

(imported topic written by SamuelMak)

Hi Experts,

I’m having a hard time explaining to the security team the difference between Vulnerabilities and Patches report.

Situation is, now the team download both reports seperately, and they want are confused if the machines are fully protected.

It is also mentioned that there are possible solutions other than mere patches; hotfixes or version upgrades

E.g. a fully patched pc (Based on MBSA) may have 100 vulnerabilities. however, among these 100 vulnerabilities, have 10 which has hot fixes and another 10 with version upgrade solutions)

But to solve the first problem, I only want to show them the Vulnerabilities list with patchable results only.

I’m actually trying to join 2 reports, Vulnerabilities and Patches for windows.

Then using their CVE number to match the vulnerability list against the patches.

The logic i need is something like this:

select Computer name, CVE, Vulnerability, Patch name from (Vulnerabilities to Windows System as v, Patches for Windows (English) as p) where v.CVE like p.CVE

But I need the output in web reports, so i was wondering if there are relevances which can merge these 2 outputs together?

(computer name of it, cve of it, vulnerability of it, patch name of it) from vulnerability site, patches for windows site whose(cve as string contains cve of vulnerability site)

something like that?

Thank you for reading.


Samuel Mak