Not really an enhancement request, but posting here to see what kind of response I get! The SNS notices related to approved MS updates for MVM servers does not include either of:
- An enumerated list of non-approved updates (and why they are not approved - as part of vulnerability management, if an update isnt applied to any server, an audit trail needs to include why it isnt. Although that reason could be 'McAfee dont approve of it' we could really do with something more here!).
- In the case of there being no non-approved updates, a simple line in the SNS notice advising of this fact.
Should be a fairly simple thing to implement I would say - would be interested in opinions on both sides, however!