by Sharon Everson
June 11, 2021
A significant benefit of an effective cybersecurity program is that organizations will improve business continuity and confidence when dealing with security threats. This dashboard gives you visibility into Microsoft Rollup status as well as severity, trend, and host count data to highlight organization-wide patching context. Microsoft Rollups are a tested cumulative set of updates typically released to address a significant event. Rollups include both security and reliability updates that are packaged together and distributed over Microsoft’s standard update mechanisms. The Monthly Rollup addresses both new security issues and non security issues in a single update and does not require cumulative patching.
Organizations regularly need to know which of the systems in their environment are up to date or require patching. When systems fall behind patching efforts they become vulnerable to compromise. Systems missing rollups may have stability issues, security holes, or have outdated features. When these systems are compromised, attackers rapidly gain an advantage by leveraging additional vulnerable systems to laterally move throughout the network. To reduce risk, Operations teams must be able to detect these vulnerable devices, and be alerted when patching efforts fall behind organizational requirements.
Operations teams are typically responsible for not only monitoring the organization’s infrastructure, but also for patching and remediating risk. To do this, the operations team requires vulnerability details which easily identify the most significant vulnerabilities, and provides guidance towards mitigation. The ability to identify the risks which are present due to missing patches is paramount. In addition to rollup status, this dashboard provides severity, trend, and host count data to highlight organization-wide patching context. By identifying assets that are missing critical vulnerability patches, operations teams can quickly reduce the attack surface, and visually track efforts and measure against established goals.
Organizations should use this dashboard to assist operations teams in monitoring outdated assets within the organization, and guide them in detecting, predicting, and reducing risk across their entire attack surface. Components not only include critical missing rollup patches, but also quarterly patch tracking to identify the length of time that an asset has been out of date. Utilizing Tenable’s Predictive Prioritization technology of combining vulnerability data, threat intelligence and data science, this dashboard directly benefits operations teams in determining where to start when navigating a sea of vulnerabilities. Further, when missing Microsoft Security Rollups are identified, Tenable.sc can quickly provide alerts via workflows and notifications, to further speed up incident response and vulnerability remediation.
This dashboard is available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The dashboard can be easily located in the Tenable.sc Feed under the category Compliance & Configuration Assessments.
The dashboard requirements are:
• Tenable.sc 5.18.0
• Nessus 8.15.0
This dashboard contains the following components:
Windows Patch Level Rollup Tracking - 90-day Vulnerability Trend for Missing Rollups: This component presents a 90-day trend of vulnerabilities for hosts identified as missing any Microsoft Windows Rollup KB.
Windows Patch Level/Rollup Tracking - Missing Rollups Presenting a High Risk (VPR 7 -10): This component presents a table of vulnerabilities sorted by Vulnerability Priority Rating (VPR) for hosts identified as missing Microsoft Windows Rollup KBs.
Hosts with the Most Missing Rollup KBs: This component displays the top 5 hosts missing Microsoft Rollup KBs, patches.
Windows Hosts With Old Patch Levels (Patched only with Pre-2020 Rollups): This table provides a list of hosts that only have Microsoft Rollup patches dated from before 2020 installed.
Windows Hosts With No Confirmed Patch Level for > 30 Days: This table provides a list of hosts that have not received the latest Microsoft Windows Rollup.
Windows Host - Latest Effective Monthly Rollup Patch Level (Q1): This matrix presents a monthly analysis of the last Microsoft Rollup that has been applied to a host for Quarter 1 of 2023-2025.
Windows Host - Latest Effective Monthly Rollup Patch Level (Q2): This matrix presents a monthly analysis of the last Microsoft Rollup that has been applied to a host for Quarter 2 of 2023-2025.
Windows Host - Latest Effective Monthly Rollup Patch Level (Q3): This matrix presents a monthly analysis of the last Microsoft Rollup that has been applied to a host for Quarter 3 of 2023-2025.
Windows Host - Latest Effective Monthly Rollup Patch Level (Q4): This matrix presents a monthly analysis of the last Microsoft Rollup that has been applied to a host for Quarter 4 of 2023-2025.