Vulnerability management for Linux now generally available

Published Jun 29 2021 06:20 AM 9,005 Views
Microsoft

In May we announced the support for Linux across our threat and vulnerability management capabilities in Microsoft Defender for Endpoint. Today, we are excited to announce that threat and vulnerability management for Linux is now generally available across Red Hat, Ubuntu, CentOS, SUSE, and Oracle, with support for Debian coming soon. In addition to Linux, the threat and vulnerability management capabilities already support macOS and Windows, with support for Android and iOS coming later this summer to further expand our support of third party platforms.   

 

Vulnerability Management plays a crucial role in monitoring an organization’s overall security posture. That’s why we continue to expand our cross-platform support to equip security teams with real-time insights into risk with continuous vulnerability discovery, intelligent prioritization, and the ability to seamlessly remediate vulnerabilities for all their platforms. With the general availability of support for Linux, organizations can now review vulnerabilities within installed apps across the Linux OS and issue remediation tasks for affected .

 

Image 1: Software inventory page in the vulnerability management console, showing various Linux platformsImage 1: Software inventory page in the vulnerability management console, showing various Linux platforms

 

 

Image 2: Software inventory page in the vulnerability management portal, showing glibc across various Linux systemsImage 2: Software inventory page in the vulnerability management portal, showing glibc across various Linux systems

 

Support for the various Linux platforms in threat and vulnerability management closely follows what is available across our Endpoint Detection and Response (EDR) capabilities. This alignment ensures a consistent experience for Microsoft Defender for Endpoint customers, as we continue to expand our cross-platform support.

 

More information and feedback

The threat and vulnerability management capabilities are part of Microsoft Defender for Endpoint and enable organizations to effectively identify, assess, and remediate endpoint weaknesses to reduce organizational risk.

 

Check out our documentation for a complete overview of supported operating systems and platforms.

 

We want to hear from you! If you have any suggestions, questions, or comments, please visit us on our Tech Community page.

 

6 Comments
Microsoft

this capability rocks. Nice work team.

Contributor

The MS Defender for Endpoint will check others apps like Adobe Acrobat, Winzip, Google Chrome and etc as Comodo One or Acronis Advanced Management does? Including hardware/software inventory?

Occasional Contributor

@Renato Pereira : MS Defender for Endpoint (Windows version) certainly does, we get flags for new vulnerabilities in Google Chrome usually a couple of times a month, plus have had flags for Zoom, Foxit Reader, Mozilla Firefox, Zscaler Client Connector, Intel Proset Wireless etc. Not sure if there is an exact list of what apps are checked available, and whether the Linux version also does third-party app checks?

Contributor

Hi @Steve Burkett,

 

Do you know if it just check new updates or also perform the update itself for the application??

Occasional Contributor

It's just flagging if there are published CVE's against the app, to warn you that you should update (if a new version is available yet!), it doesn't do that update for you though. You'd use something like Microsoft Endpoint Manager (aka Intune & SCCM) to roll out your updates.

 

Contributor

hum...

I didn't know that INTUNE could handle with software updates

%3CLINGO-SUB%20id%3D%22lingo-sub-2451145%22%20slang%3D%22en-US%22%3EVulnerability%20management%20for%20Linux%20now%20generally%20available%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2451145%22%20slang%3D%22en-US%22%3E%3CP%3EIn%20May%20we%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fsecurity%2Fblog%2F2021%2F05%2F11%2Fthreat-and-vulnerability-management-now-supports-all-major-platforms%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Eannounced%3C%2FA%3E%20the%20support%20for%20Linux%20across%20our%20threat%20and%20vulnerability%20management%20capabilities%20in%20Microsoft%20Defender%20for%20Endpoint.%20Today%2C%20we%20are%20excited%20to%20announce%20that%20threat%20and%20vulnerability%20management%20for%20Linux%20is%20now%20generally%20available%20across%20%3CSTRONG%3ERed%20Hat%2C%20Ubuntu%2C%20CentOS%2C%20SUSE%2C%20and%20Oracle%3C%2FSTRONG%3E%2C%20with%20support%20for%20%3CSTRONG%3EDebian%20%3C%2FSTRONG%3Ecoming%20soon.%26nbsp%3BIn%20addition%20to%20Linux%2C%20the%20threat%20and%20vulnerability%20management%20capabilities%20already%20support%20macOS%20and%20Windows%2C%20with%20support%20for%20Android%20and%20iOS%20coming%20later%20this%20summer%20to%20further%20expand%20our%20support%20of%20third%20party%20platforms.%20%26nbsp%3B%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EVulnerability%20Management%20plays%20a%20crucial%20role%20in%20monitoring%20an%20organization%E2%80%99s%20overall%20security%20posture.%20That%E2%80%99s%20why%20we%20continue%20to%20expand%20our%20cross-platform%20support%20to%20equip%20security%20teams%20with%20real-time%20insights%20into%20risk%20with%20continuous%20vulnerability%20discovery%2C%20intelligent%20prioritization%2C%20and%20the%20ability%20to%20seamlessly%20remediate%20vulnerabilities%20for%20all%20their%20platforms.%20With%20the%20general%20availability%20of%20support%20for%20Linux%2C%20organizations%20can%20now%20review%20vulnerabilities%20within%20installed%20apps%20across%20the%20Linux%20OS%20and%20issue%20remediation%20tasks%20for%20affected%20.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20image-alt%3D%22Software%20inventory%201.PNG%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F290503i2A7CB34A1CE6A96A%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Software%20inventory%201.PNG%22%20alt%3D%22Image%201%3A%20Software%20inventory%20page%20in%20the%20vulnerability%20management%20console%2C%20showing%20various%20Linux%20platforms%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EImage%201%3A%20Software%20inventory%20page%20in%20the%20vulnerability%20management%20console%2C%20showing%20various%20Linux%20platforms%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20image-alt%3D%22Software%20inventory2.PNG%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F290502i729599765ED9087F%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Software%20inventory2.PNG%22%20alt%3D%22Image%202%3A%20Software%20inventory%20page%20in%20the%20vulnerability%20management%20portal%2C%20showing%20glibc%20across%20various%20Linux%20systems%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EImage%202%3A%20Software%20inventory%20page%20in%20the%20vulnerability%20management%20portal%2C%20showing%20glibc%20across%20various%20Linux%20systems%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ESupport%20for%20the%20various%20Linux%20platforms%20in%20threat%20and%20vulnerability%20management%20closely%20follows%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Fdefender-endpoint%2Fmicrosoft-defender-endpoint-linux%3Fview%3Do365-worldwide%23system-requirements%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ewhat%20is%20available%20across%20our%20Endpoint%20Detection%20and%20Response%3C%2FA%3E%20(EDR)%20capabilities.%20This%20alignment%20ensures%20a%20consistent%20experience%20for%20Microsoft%20Defender%20for%20Endpoint%20customers%2C%20as%20we%20continue%20to%20expand%20our%20cross-platform%20support.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EMore%20information%20and%20feedback%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3EThe%20threat%20and%20vulnerability%20management%20capabilities%20are%20part%20of%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fbusiness%2Fthreat-protection%2Fendpoint-defender%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EMicrosoft%20Defender%20for%20Endpoint%3C%2FA%3E%26nbsp%3Band%20enable%20organizations%20to%20effectively%20identify%2C%20assess%2C%20and%20remediate%20endpoint%20weaknesses%20to%20reduce%20organizational%20risk.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ECheck%20out%20our%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Fdefender-endpoint%2Ftvm-supported-os%3Fview%3Do365-worldwide%23capabilities-per-supported-operating-systems-os-and-platforms%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Edocumentation%3C%2FA%3E%26nbsp%3Bfor%20a%20complete%20overview%20of%20supported%20operating%20systems%20and%20platforms.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe%20want%20to%20hear%20from%20you!%20If%20you%20have%20any%20suggestions%2C%20questions%2C%20or%20comments%2C%20please%20visit%20us%20on%20our%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-defender-for-endpoint%2Fbd-p%2FMicrosoftDefenderATP%22%20target%3D%22_blank%22%3ETech%20Community%20page%3C%2FA%3E.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-2451145%22%20slang%3D%22en-US%22%3E%3CP%3EThreat%20and%20vulnerability%20management%20for%20Linux%20is%20now%20generally%20available%20across%20%3CBR%20%2F%3E%3CSTRONG%3ERed%20Hat%2C%20Ubuntu%2C%20CentOS%2C%20SUSE%2C%20and%20Oracle.%3C%2FSTRONG%3E%20Debian%20support%20coming%20soon!%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2451145%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EMicrosoft%20Defender%20for%20Endpoint%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EThreat%20%26amp%3B%20Vulnerability%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2520011%22%20slang%3D%22en-US%22%3ERe%3A%20Vulnerability%20management%20for%20Linux%20now%20generally%20available%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2520011%22%20slang%3D%22en-US%22%3E%3CP%3Ethis%20capability%20rocks.%20Nice%20work%20team.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2547753%22%20slang%3D%22en-US%22%3ERe%3A%20Vulnerability%20management%20for%20Linux%20now%20generally%20available%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2547753%22%20slang%3D%22en-US%22%3E%3CP%3EThe%20MS%20Defender%20for%20Endpoint%20will%20check%20others%20apps%20like%20Adobe%20Acrobat%2C%20Winzip%2C%20Google%20Chrome%20and%20etc%20as%20Comodo%20One%20or%20Acronis%20Advanced%20Management%20does%3F%20Including%20hardware%2Fsoftware%20inventory%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2674914%22%20slang%3D%22en-US%22%3ERe%3A%20Vulnerability%20management%20for%20Linux%20now%20generally%20available%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2674914%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F68540%22%20target%3D%22_blank%22%3E%40Steve%20Burkett%3C%2FA%3E%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDo%20you%20know%20if%20it%20just%20check%20new%20updates%20or%20also%20perform%20the%20update%20itself%20for%20the%20application%3F%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2681192%22%20slang%3D%22en-US%22%3ERe%3A%20Vulnerability%20management%20for%20Linux%20now%20generally%20available%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2681192%22%20slang%3D%22en-US%22%3E%3CP%3Ehum...%3C%2FP%3E%3CP%3EI%20didn't%20know%20that%20INTUNE%20could%20handle%20with%20software%20updates%3C%2FP%3E%3C%2FLINGO-BODY%3E
Version history
Last update:
‎Jun 24 2021 03:09 PM
Updated by: