Your security team needs clear, actionable insights to protect your organization from emerging threats. The new Common Vulnerabilities and Exposures (CVEs) report in Windows Autopatch delivers just that. Get a comprehensive view of Windows CVEs addressed by recent quality updates, along with direct links to remediation documentation and device-level vulnerability status.
Why CVE reporting matters
With the increasing pace of security updates and the complexity of enterprise environments, it can be a struggle to track which vulnerabilities have been remediated and which devices remain at risk. The CVE report bridges this gap and joins your other Windows quality update reports right in the Microsoft Intune admin center. This empowers your organization to prioritize update deployment, demonstrate compliance, and maintain a robust security posture.
Key features of the new Windows Autopatch report
- Comprehensive CVE list: View all Windows CVEs addressed in the past 90 days, including severity ratings and exploitation status.
- Device vulnerability tracking: Identify which managed devices are missing updates for specific CVEs.
- Access to technical details and remediation guidance: Each CVE entry links to the Windows update KB article (also known as a release note) that describes the fix.
- Search and filter: Easily locate CVEs by ID, severity, or update release
- Export: Share and use this report offline as you implement your response strategy.
- Timely insights: The report latency is two hours, reflecting the latest changes for the most actionable insights.
How to access the report
- Navigate to the Microsoft Intune admin center.
- Go to Reports > Windows Autopatch > Windows quality updates.
- Select the Reports tab.
- Select the Common Vulnerabilities and Exposures (CVEs) report
Inside the report
The report contains details and links relevant to the CVE, to the update that addresses it, and to your environment.
CVEs are unique identifiers assigned to publicly disclosed security vulnerabilities that Microsoft has investigated, confirmed, and published. For each CVE, see related columns of CVE Name, CVE Base Score, and Exploited to learn about its status.
The columns Release, KB Article, and Published relate to the Windows update that contains the fix for this CVE.
Review the number of devices in the column Devices Missing Update. Select a cell to invoke a flyout with the complete list of device names and their OS versions to inform your next steps.
Improve your vulnerability response strategy today
The new CVE report in Windows Autopatch can help strengthen your vulnerability response strategy. Once you identify devices exposed to a high severity CVE, depending on the scenario, you can:
- Use Windows Autopatch update readiness (currently in preview) to proactively monitor, troubleshoot, and repair devices to help ensure they receive quality updates smoothly.
- Expedite corresponding updates using Microsoft Intune or Microsoft Graph. To learn more, see Get the most out of expedited Windows quality updates.
- Use the Security Copilot Vulnerability Remediation Agent in Intune (currently in limited public preview).
Try the new report today and let us know what you think! Here’s what else can get you started:
Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.
Microsoft