I've seen quite a few threads around the false positive topics, but I'd like know what investigations I can do on my own before reporting a finding as a false positive to Qualys for review.
As a concrete example: I have a server that shows MS12-079 - Microsoft Word Remote Code Execution Vulnerability, QID 90551, which is Microsoft Windows GDI+ Remote Code Execution Vulnerability (MS09-062). I have checked this server and it does not have ANY Office products installed.
Is there a way to obtain more info (e.g. within Qualys) to find out exactly what file / DLL / executable it identified that triggered it to believe this vulnerability exists? The above mentioned vulnerability is just an example, not the focus.