1 Reply Latest reply on Nov 3, 2011 10:59 AM by cgrim

    Vuln set Question: Microsoft Non-Superseded Patches vs Microsoft Office Non-Superseded Patches

    John M Sopp

      I've noticed a new vuln set to help filter out superseded and had two questions:

      1. Is the _McAfee_ Microsoft Non-Superseded Patches vuln set all encompassing and also include all checks in the _McAfee_ Microsoft Office Non-Superseded Patches vuln set?
      2. How could we go about creating one report with everything except anything contained in the _McAfee_ Microsoft Non-Superseded Patches vuln set?

                Update: To create this report, which I should mention applies to csv output, I created a sql query to list enabled checks by vuln set name. I outputted the Check IDs for the Microsoft  non superseded vuln set. I then did a compare in my vulnerabilities.csv to the superseded list for all items with vuln name containing MS_ _-  .

      If the MVID is not in the non superseded list, record as potential false positive.

       


       

      Message was edited by: john.m.sopp on 11/1/11 4:12:54 PM EDT