Microsoft Defender Vulnerability Management – Firmware Security Advisories
Published Jul 26 2023 10:20 AM 6,559 Views
Microsoft

We are happy to announce a new capability for Microsoft Defender Vulnerability Management – ‘Firmware Security Advisories’.

This capability allows more streamlined and efficient way to view, track, and monitor firmware advisories. With the ability to filter on exposed devices and view advisories that affect the customer environment, security teams can quickly identify potential vulnerabilities and take action to mitigate them. This is especially important in today's rapidly evolving threat landscape, where firmware vulnerabilities can be exploited by attackers to gain access to sensitive data or systems.

To view firmware security weaknesses,  The ‘Weaknesses’ inventory is now extended with a new ‘Security Advisories’ tab.

Tomer_Reisner_0-1690379695300.png

 

 

The security advisories are continuously monitored by Microsoft Defender Vulnerability Management and details from manufacturer websites and inventories, as well as on third-party security websites, and validated against the organization inventory. Security advisories details include specific version of the devices or software that are affected  It may also include instructions for how to update the firmware to address the vulnerability, as well as any other steps that should be taken to mitigate the risk. By following the instructions provided in a firmware advisory, users can reduce the likelihood of their device or system being compromised by a firmware vulnerability.



Tomer_Reisner_1-1690379695309.png

 

For each advisory there is a list of ‘Exposed Devices’, ’Associated CVE’s’ and ‘Related Firmware’.

‘Exposed Devices’ is the source to identify if your organization is affected for specific security advisory. In case of ‘Exposed Devices’ = 0, that means your organization isn’t at risk for that specific security advisory.

 

Tomer_Reisner_2-1690379695320.png

 



’Associated CVE’s’ is the list of CVE’s related to the specific advisory:

Tomer_Reisner_3-1690379695327.png

 

‘Related Firmware’ is the list of all firmware impacted by the vulnerability:

Tomer_Reisner_4-1690379695338.png

 

It's important to stay vigilant and regularly check for security advisories related to your devices and systems to ensure that you are aware of any vulnerabilities that may affect them.

The following Security Advisories vendors are currently supported: Lenovo, Dell, HP.
Details of for each published advisory includes: 

  • Advisory ID
  • Severity (Provided by the vendor)
  • Related CVE’s
  • Advisory link
  • Vendor
  • Age
  • Published on
  • Updated on
  • Exposed devices

 

Tomer_Reisner_5-1690379695342.png

 

 

 

 

You can also view this list through the ‘Security Recommendation’ filtered by ‘Remediation Type = Firmware update’

 

Tomer_Reisner_6-1690379695348.png

 

Learn more

If you’re interested in learning more about Microsoft Defender Vulnerability Management visit our website to take advantage of our free 90-day trial, check out our interactive guide, and read more information in our product documentation.

 

As always, we’d love to know what you think.

Looking forward to your feedback. share your feedback directly at: mdvmfeedback@microsoft.com

 

Thanks,

The Microsoft Defender Vulnerability Management Team

Version history
Last update:
‎Jul 26 2023 10:18 AM
Updated by: