How can I see all CVE's that relate to a specific product/build?

Walters, Samuel A 1 Reputation point
2021-08-25T15:00:11.627+00:00

I am trying to discover the amount of False Positive and False Negatives discovered by my Vulnerability Scanner. The only way I see this being possible is to establish a baseline of CVE's discovered by the scanner apply a patch and re-scan. I will compare the CVE's that should be mitigated by the patch with the CVE's returned by my scanner to determine this. I have done some research into Microsoft's release notes and have seen that when they publish patches it covers multiple CVE's as seen here in the August 2021 Security Updates. These CVE's relate to all of the software listed in the release notes. However, I would like to see only the CVE's that will apply to my specific build of Windows 10.

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,932 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Reza-Ameri 16,986 Reputation points
    2021-08-25T15:26:06.493+00:00

    Windows Updates are based on KB number and not CVE and like you said one update might contains multiple CVE.
    In Windows PowerShell, you may run Get-HotFix to see list of all installed updates and then check KB in Microsoft website and see what CVE are covered.
    On the following websites you may search for update based on CVE and see which update is associated with each CVE. However, note that new Microsoft Updates are cumulative and if you install newer update, it holds all previous updates including security ones.

    0 comments No comments

  2. Limitless Technology 39,686 Reputation points
    2021-08-25T17:46:59.16+00:00

    Hello Samuel,

    I believe that this is what you are looking for:

    View and organize the Microsoft Defender for Endpoint Devices list
    https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/machines-view-overview?view=o365-worldwide

    Specially the options for:
    OS Platform
    Select only the OS platforms you're interested in investigating.

    Windows 10 versions
    Select only the Windows 10 versions you're interested in investigating.

    Hope this helps!
    Luis P

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.