You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
WES-NG collects information from the Microsoft Security Response Center (MSRC) feed. The reason that false positive missing KBs show up is because of Microsoft's incomplete KB supersedence information. For more info check the "Eliminating false positives" link on step 4 of the Usage heading: https://github.com/bitsadmin/wesng#usage.
I am currently in the process of finalizing a blog on how Windows versions/updates work, and how WES-NG can help to identify missing KBs, including ways to eliminate false positives. Keep an eye on my blog (https://bitsadm.in/) or Twitter (https://twitter.com/bitsadmin) where I will publish/announce it!
Hi!
I noticed a false positive when a CVE is corrected by different KBs. Enclosed is a systeminfo.txt and qfefile.txt illustrating the problem.
You can see that
wesng
says that the server is vulnerable to CVE-2017-0143 (EternalBlue), becauseKB4012219
is missing:However,
KB4012213
, which also corrects CVE-2017-0143 in the March 2017 Security Only Update, is installed.Therefore, the server is not vulnerable to EternalBlue, and the fact that
KB4012219
is not installed should be ignored.The text was updated successfully, but these errors were encountered: