Sep 29 2023 12:18 AM
Hi,
Anyone know why Microsoft Store Apps are not detected by Defender TVM? We recently undertook an external pen-test of some clients and we multiple CVEs in the Microsoft Store Apps.
Turns out that Defender TVM doesn't inventory those applications or detected the CVEs which surprised me. The Nessus agent provided greater depth of vulnerability information on the devices under assessment than the data being reported in Microsoft.
Makes me wonder what else is being missed.
Sep 29 2023 05:59 AM
Hi @MikeP751860,
Why Microsoft Store Apps are not detected by Defender TVM
There are a few reasons why Defender TVM may not be detecting Microsoft Store Apps:
How to improve Defender TVM detection of Microsoft Store Apps
There are a few things that you can do to improve Defender TVM detection of Microsoft Store Apps:
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)
Feb 24 2024 01:17 AM
I found the same when testing the product, it wasn't just store apps that it didn't detect, but also 10 year old vulnerabilities like the win padding CVE . I opened a support ticket and after 3 months I got nowhere, they just said that there were things that it did not detect. I asked for a list of limitations and never got anywhere and they have tried to hide the issue by deleting the github page where i raised the lack of this information in the documentation too. Here is my list of some of the ones that tenable finds that MDVM does not find.
Did you ever get any further or did you give up on MDVM ?