Hello MVM community
I was looking for scripts/checks that report outdated operating systems and/or missing service packs but could not find such checks. Microsoft hotfixes (as well as patches from other vendors) do usually not apply to no longer supported versions of their software. Unsupported software is always a security risk.
I recently had some cases where Vulnerability Manager reported missing Microsoft patches but WSUS would not apply those patches because they are not applicable to the outdated service pack that was still installed on that system. So the real vulnerability was not one or more missing patches but a no longer supported release of the software.
In my opinion MVM should be able to report unsupported software versions as vulnerabilities. It seems that there is only one script that does something like this. It is called "Windows 2000 Service Pack 4 Not Installed" (Faultline ID 12982). Are there others like that which I haven’t found yet?
Is this an issue for other users? Would you recommend to open up a product enhancement request?
I don't think any checks exist for unsupported operating systems...Conversely you could run a discovery scan with OS detection and compare the discovered operating systems against a list of known unsupported operating systems with some simple excel fu...