AnsweredAssumed Answered

Security Only Quality Update Vs Security Monthly Quality Update

Question asked by Kasthuri Ganesh Rangaswamy on Nov 15, 2018
Latest reply on Nov 21, 2018 by Kasthuri Ganesh Rangaswamy

Like • Show 0 Likes0
Comment • 3

What's the detection logic of Qualys behind Security only vs Security Monthly update?

Qualys QID: 91415 and 91405

There are some security only update which is not superseded by security monthly update which I highlighted below

KB4054522
KB4054521
KB4034672
KB4034679

There is no detailled description available from Microsoft either. Qualys says either security only or security monthly patch is missing. Does this means updating either security only or security monthly will fix the vulnerability? Or both security only and security monthly update are mandatory?

Robert Dell'Immagine

Nov 19, 2018 5:01 PM

Correct Answer

We added detection logic to both QIDS (91415 and 91405). The changes will reach production today (Nov 19, 2018).

See the reply in context

No one else had this question

Outcomes

StjepanSusnjar Nov 15, 2018 3:00 AM

As long as you have installed either Security only or Cumulative our QIDs will not flag.

Usualy, Qualys will be correct and if cumulative patch didn't fix all vulnerailities ti will note that vulnerablity still exist.

Sometimes, Microsoft within "Cumulative" Roll-up bundles don't really patch "everything".

Roll-up could include additional (separate) .msu files for installation and they are not always getting installed.

From my experiance, additional scan after "Cumulative" Roll-up installation will note that some patch still missing and those one should be installed separately.

1 person found this helpful

Actions

Robert Dell'Immagine

Nov 19, 2018 5:01 PM

We added detection logic to both QIDS (91415 and 91405). The changes will reach production today (Nov 19, 2018).

Actions

Kasthuri Ganesh Rangaswamy @ Robert Dell'Immagine on Nov 21, 2018 3:20 AM

Thanks Robert. Appreciate that.

Actions

3 Replies

StjepanSusnjar Nov 15, 2018 3:00 AM
Mark Correct
Correct Answer
As long as you have installed either Security only or Cumulative our QIDs will not flag.
Usualy, Qualys will be correct and if cumulative patch didn't fix all vulnerailities ti will note that vulnerablity still exist.

Sometimes, Microsoft within "Cumulative" Roll-up bundles don't really patch "everything".

Roll-up could include additional (separate) .msu files for installation and they are not always getting installed.
From my experiance, additional scan after "Cumulative" Roll-up installation will note that some patch still missing and those one should be installed separately.
1 person found this helpful
Like • Show 1 Like1
Actions
Robert Dell'Immagine Nov 19, 2018 5:01 PM
Unmark Correct
Correct Answer
We added detection logic to both QIDS (91415 and 91405). The changes will reach production today (Nov 19, 2018).
Like • Show 0 Likes0
Actions
- Kasthuri Ganesh Rangaswamy @ Robert Dell'Immagine on Nov 21, 2018 3:20 AM
  Mark Correct
  Correct Answer
  Thanks Robert. Appreciate that.
  Like • Show 0 Likes0
  Actions

Security Only Quality Update Vs Security Monthly Quality Update

Outcomes

Related Content

Recommended Content