Finding and fixing software vulnerabilities
Kaspersky Security Center Cloud Console detects and fixes software vulnerabilities on managed devices running Microsoft Windows families operating systems. Vulnerabilities are detected in the operating system and in third-party software, including Microsoft software.
Updates functionality (including providing anti-virus signature updates and codebase updates), as well as KSN functionality may not be available in the software in the U.S.
Finding software vulnerabilities
To find software vulnerabilities Kaspersky Security Center Cloud Console uses characteristics from the database of known vulnerabilities and Windows Update Database. The database of known vulnerabilities is created and maintained by Kaspersky specialists. It contains information about vulnerabilities, such as vulnerability description, vulnerability detect date, vulnerability severity level. You can find the details of software vulnerabilities on Kaspersky website.
Kaspersky Security Center Cloud Console uses the Find vulnerabilities and required updates task to find software vulnerabilities.
Fixing software vulnerabilities
To fix software vulnerabilities, Kaspersky Security Center Cloud Console uses software updates issued by the software vendors. You can view the list of software vulnerabilities at any time. The software updates metadata is downloaded to the Administration Server repository automatically and to the repositories of distribution points as a result of the Download updates to the repositories of distribution points task run. You can create this task by the Kaspersky Security Center Cloud Console quick start wizard or manually.
Software updates to fix vulnerabilities can be represented as full distribution packages or patches. Software updates that fix software vulnerabilities are named fixes. In Kaspersky Security Center Cloud Console, you fix vulnerabilities by using recommended fixes. Recommended fixes are software updates that are recommended for installation by Kaspersky specialists.
Depending on the Kaspersky Security Center Cloud Console mode and your current license, you can use Install required updates and fix vulnerabilities task or the Fix vulnerabilities task to fix software vulnerabilities.
The Install required updates and fix vulnerabilities task automatically fixes multiple vulnerabilities installing recommended fixes. For this task, you can manually configure certain rules to fix multiple vulnerabilities.
By means of the Fix vulnerabilities task, you can fix vulnerabilities by installing recommended fixes for Microsoft software.
For security reasons, any third-party software updates that you install by using the Vulnerability and patch management feature are automatically scanned for malware by Kaspersky technologies. These technologies are used for automatic file check and include virus scan, static analysis, dynamic analysis, behavior analysis in the sandbox environment, and machine learning.
Kaspersky experts do not perform manual analysis of third-party software updates that can be installed by using the Vulnerability and patch management feature. In addition, Kaspersky experts do not search for vulnerabilities (known or unknown) or undocumented features in such updates, nor do they perform other types of analysis of the updates other than those specified in the paragraph above.
The software update installation tasks have a number of limitations. These limitations depend on the license under which you are using Kaspersky Security Center Cloud Console and on the mode in which Kaspersky Security Center Cloud Console is working.
A user interaction may be required when you update a third-party application or fix a vulnerability in a third-party application on a managed device. For example, the user may be prompted to close the third-party application if it is currently open.
To fix some software vulnerabilities, you must accept the End User License Agreement (EULA) for installing the software if EULA acceptance is requested. If you decline EULA, the software vulnerability cannot be fixed.
The information about each fixed vulnerability is stored on the Administration Server for 90 days. After this time, it is automatically deleted.