Superseded patches
Hi, I am struggling in my attempt to get my KACE patches to match up to my Nessus vulnerability scan results. In Nessus, I have a system that shows this as a current vulnerability:
The following Visual C++ Redistributable Package has not been patched :
  Product : Visual C++ 2010 SP1 Redistributable Package 32-bit
  Installed version : 10.0.40219.1
  Fixed version : 10.0.40219.325
However, KACE says that my patches on this system are all up to date. If I follow the patch history of this vulnerability, it goes back multiple years and it shows that initial patches for this have been "superseded", which I take as being included in the next rollup.
Am I correct in this? Is there something else I should be looking at to make these two reconcile? Is there a different way I should be approaching these types of vulnerabilities?
Thanks for any insights!
- Hope this is of help - https://community.tenable.com/s/article/About-Nessus-setting-Show-missing-patches-that-have-been-superseded - pegasus 4 years ago
- Thank you for this. Very helpful! - tstrub2020 4 years ago
Answers (1)
Top Answer
You are correct and you are also not the first customer to get confused over Nessus results like this. For some reason Nessus wants to see proof of every patch installed, whereas if a patch is superseded, the previous patches are not visible as in effect they are replaced and no longer needed individually.
I would say that is an issue with Nessus, but I do not claim to know the product well enough to suggest what to do if your security officer is insisting on using it as a benchmark.
Comments:
- Thanks for this information. I am looking at implementing a vulnerability scanner and have looked at Nessus. Will bear this in mind. - pegasus 4 years ago
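One way to line up the two data sources discussed in this thread, as an added example that is not part of the original posts and is not KACE or Nessus code: it walks a supersedence chain to see whether an installed rollup covers the patch a scanner asks for, and separately compares the installed and fixed versions the scanner reported. The patch IDs, the `SUPERSEDED_BY` map and the finding layout are constructed assumptions; only the two version strings come from the question.

```python
# Constructed sample data: these patch IDs and the supersedence map are
# hypothetical, not an export from KACE or Nessus.
SUPERSEDED_BY = {
    "PATCH-A": "PATCH-B",   # A was replaced by B
    "PATCH-B": "PATCH-C",   # B was replaced by rollup C
    "PATCH-X": "PATCH-Y",
}


def parse_version(text):
    """Turn '10.0.40219.325' into (10, 0, 40219, 325) for numeric comparison."""
    return tuple(int(part) for part in text.strip().split("."))


def covering_patch(patch_id, installed, superseded_by):
    """Return the installed patch that is patch_id or transitively supersedes it."""
    seen = set()
    current = patch_id
    while current is not None and current not in seen:  # 'seen' guards against cycles
        if current in installed:
            return current
        seen.add(current)
        current = superseded_by.get(current)
    return None


def reconcile(finding, installed, superseded_by):
    """Compare the patch-record view with the file-version view of one finding."""
    cover = covering_patch(finding["patch"], installed, superseded_by)
    below = parse_version(finding["installed_version"]) < parse_version(finding["fixed_version"])
    if cover and not below:
        verdict = "resolved"            # both views agree the fix is present
    elif cover and below:
        verdict = "sources-disagree"    # patch records say covered, version says older
    elif below:
        verdict = "missing"             # both views agree the fix is absent
    else:
        verdict = "resolved-by-version" # no patch record, but the version is current
    return {"covered_by": cover, "version_below_fixed": below, "verdict": verdict}


if __name__ == "__main__":
    # Version strings as quoted in the question; the patch ID is a placeholder.
    finding = {"patch": "PATCH-A",
               "installed_version": "10.0.40219.1",
               "fixed_version": "10.0.40219.325"}
    print(reconcile(finding, {"PATCH-C"}, SUPERSEDED_BY))
```

Findings that come back as `sources-disagree` are the ones to check by hand on the endpoint, since the patch tool and the scanner are looking at different evidence.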