Microsoft has unveiled an innovative feature within Windows Autopatch, introducing a Common Vulnerabilities and Exposures (CVE) reporting capability designed to enhance the security landscape for IT teams. This new tool provides a cohesive overview of Windows vulnerabilities that have been addressed through recent quality updates, allowing for precise device-specific vulnerability tracking.
The CVE report empowers security teams to swiftly ascertain which vulnerabilities have been mitigated while pinpointing devices that may still be exposed. By consolidating this critical information alongside other Windows update data, organizations can engage in proactive planning, ensure adherence to regulatory standards, and fortify their overall security posture.
What are the key features of the CVE Report?
The CVE report within Windows Autopatch is equipped with several features aimed at streamlining vulnerability management:
- A comprehensive list of CVEs addressed over the past 90 days, complete with severity scores and exploitation status.
- Detailed tracking of patch compliance at the individual device level, including device names and operating system versions.
- Direct links to Knowledge Base (KB) articles for remediation guidance.
- Filtering options by CVE or severity, along with the ability to export data for offline analysis.
- Near real-time updates to maintain visibility and help IT teams stay ahead of potential security threats.
How to access the new Windows Autopatch CVEs report?
Accessing the new CVEs report in Windows Autopatch is straightforward for administrators. The following steps outline the process:
- Navigate to the Microsoft Intune admin center.
- Go to Reports > Windows Autopatch > Windows quality updates.
- Select the Reports tab, then choose the Common Vulnerabilities and Exposures (CVEs) report.
This newly introduced report features detailed columns that include CVE identifiers, CVSS Base Scores, exploitation status, release information with links to KB articles, and publication dates. It also highlights the number of devices lacking the necessary updates, allowing for a granular view of specific device names and operating system versions that require remediation.
To enhance their response to vulnerabilities, organizations can adopt various strategies once they identify at-risk devices. These strategies may involve utilizing the Windows Autopatch update readiness feature to facilitate seamless update processing, expediting patch deployment through Microsoft Intune or Microsoft Graph, and applying targeted fixes with the Security Copilot Vulnerability Remediation Agent.
