AnsweredAssumed Answered

Patch Report on only MS Security Bulletins

Question asked by shawn on Jan 28, 2013
Latest reply on Jan 29, 2013 by downinej

Is there a way to only report on Microsoft security bulletin vulnerabilities, not advisories or EOL software?  I tried two different ways:

 

1)  I created a static search list with every QID for MS securitybulletins based on the R&D qualys site ex:http://www.qualys.com/research/alerts/view.php/2010-07-13.  This way works, but it's not dynamic and it takes time to go back to get every qid.  So far I have from Jan 2011 to current.

 

2)  I created a dynamic search list which included 'patchable' vendor =Microsoft, vendor id = MS.  However that creates a report that includes all the security bulletins (MS1x-ab) but also other QIDs for EOL software for MS office and MSXLM etc.

 

I wish this was a global dynamic search list just for MS Security Bulletin.

 

 

Thanks for your help!

Outcomes