365 security endpoint missing KBs

%3CLINGO-SUB%20id%3D%22lingo-sub-2276154%22%20slang%3D%22en-US%22%3E365%20security%20endpoint%20missing%20KBs%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2276154%22%20slang%3D%22en-US%22%3E%3CP%3EHow%20often%20does%20the%20ATP%20defender%20client%20update%20the%20KBs%20installed.%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20a%20machine%20that%20was%20patched%202%20days%20ago%20but%20it%20not%20reflecting%20on%20the%20missing%20KBs%20section%20of%20the%20device%20inventory.%26nbsp%3B%3C%2FP%3E%3CP%3ELast%20seen%20was%205%20minutes%20ago.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe're%20struggling%20to%20find%20a%20good%20way%20to%20report%20at%20both%20the%20macro%20and%20micro%20level%20on%20windows%20patch%20level%20in%20intune.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ejb%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2412279%22%20slang%3D%22en-US%22%3ERe%3A%20365%20security%20endpoint%20missing%20KBs%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2412279%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F606641%22%20target%3D%22_blank%22%3E%40Jason_B1025%3C%2FA%3E%26nbsp%3BIf%20you%20are%20using%20TVM%20(Threat%20%26amp%3B%20vulnerability%20Management)%20from%20defender%2C%20you%20could%20add%20the%20reported%20vulnerability%20to%20remediation%20task%20and%20you%20could%20track%20the%20progress%20from%20there.%20I%20have%20a%20video%20on%20TVM%20here%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D2ktppQHFGBY%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EMicrosoft%20Defender%20ATP%20Training%20Series%20Part%202%3A%20Threat%20%26amp%3B%20Vulnerability%20Management%20(TVM)%20-%20YouTube%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20you%20use%20MEM%20portal%2C%20you%20could%20see%20the%20status%20via%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fintune%2Fprotect%2Fwindows-update-compliance-reports%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EUse%20Update%20Compliance%20reports%20for%20Windows%20Updates%20in%20Microsoft%20Intune%20-%20Microsoft%20Intune%20%7C%20Microsoft%20Docs%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Contributor

How often does the ATP defender client update the KBs installed. 

I have a machine that was patched 2 days ago but it not reflecting on the missing KBs section of the device inventory. 

Last seen was 5 minutes ago.

 

We're struggling to find a good way to report at both the macro and micro level on windows patch level in intune.

 

jb

 

 

2 Replies

@Jason_B1025 If you are using TVM (Threat & vulnerability Management) from defender, you could add the reported vulnerability to remediation task and you could track the progress from there. I have a video on TVM here Microsoft Defender ATP Training Series Part 2: Threat & Vulnerability Management (TVM) - YouTube

 

If you use MEM portal, you could see the status via Use Update Compliance reports for Windows Updates in Microsoft Intune - Microsoft Intune | Microsoft...

@Jason_B1025 The problem was solved? I have several computers the same, the patches or updates are already installed but they continue to report that they are missing. I don't know if a service has to be restarted or a firewall problem, but run the test detection and it works