I enabled the Vulnerabilities to Windows Analysis (ACCEPTED) to allow analysis of the OVAL Accepted security vulnerabilities in Windows. Almost every single one is showing all the systems as vulnerable, including patches that came out in 2008. Systems are definitely patched (verified). I could understand if a few machines here and there were showing up as vulnerable (patch didn’t install, for example), but why is everything showing as vulnerable? Is there something I’m not doing right or not enabling?
Here’s an example. This particular vulnerability is showing 118 systems vulnerable, but in WSUS it shows them all patched, 100% compliant.
The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol (SDP) packets.
CVE:CVE-2008-1453 OVAL:OVAL4730 OVAL Status:ACCEPTED CVSS Base Score:8.3 (HIGH) CVSS Base Score Vector:(AV:A/AC:L/Au:N/C:C/I:C/A:C)
There’s also a bunch of Adobe vulnerabilities showing, but they are only applicable to lower versions of Acrobat and Flash. Both are at the latest version and BigFix was used to patch them, but the OVAL analysis is still showing them as vulnerable.
A bug with the relevance for the Vulnerabilities to Windows content has recently been fixed. The new content should already be published (site version 225). If there are still issues, feel free to bring them up. Thanks!