vulnerabilities

Occasional Contributor

hello all 

I have some vulnerabilities on multiple windows servers 2016, I am looking for a tool to manage those vulnerabilities could anyone help?

 

10 Replies

What problem are you trying to solve?

 

 

hello @Dave Patrick

I am trying to find out how to manage OS vulnerabilities on several servers .

using an open-source management tool or application. 

or just know how to deal with the vulnerabilities.

What vulnerabilities are you asking about?

 

 

1. Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution (RCE) Vulnerability (Follina)
2. Microsoft SQL Server Remote Code Execution (RCE) Vulnerability for June 2022
3. Microsoft Windows Security Update for June 2022
4. Microsoft Windows Security Update for Memory Mapped I/O (MMIO) Stale Data Vulnerabilities (ADV220002)
5. Microsoft Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability for June 2022
6. SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability (BEAST)
7. Windows Service Weak Permissions detected
8. SMB Signing Disabled or SMB Signing Not Required
9. Administrator Account's Password Does Not Expire
10. Microsoft Windows Security Update for February 2022
11. Microsoft Internet Explorer Information Disclosure Vulnerability (September 2017)
12. Allowed Null Session
13. Remote Management Service Accepting Unencrypted Credentials Detected (FTP)
14. Microsoft Windows TCP/IP Remote Code Execution Vulnerabilities

In general, I'd suggest installing the latest cumulative update for Server 2016, and also install the latest updates for other products (SQL Server, etc.)

 

 

The best way to manage and handle vulnerabilities is to update your server.
I believe you don't need any standalone vulnerability management tools and just use tools like WSUS to manage Windows Update and make sure you have the latest updates.
first of all thanks for your support, I already downloaded all the updates but I still get the same vulnerabilities

How are you validating?

 

 

working on them waiting for the new report to see the result .
Are they related to Windows Server or other products?
Also note sometimes vulnerability scanner would have false-positive meaning when it shows a vulnerability it might be incorrect.