Defender for Cloud inventory health is reporting vulnerability findings that, according to update history on the VMs, have been installed.

jbutler 0 Reputation points
2025-05-05T10:28:58.7433333+00:00

All the vulnerability findings are related to .NET or .NET Core, some going back to 2023. Are these false positives? Highs and Meds, so really want to make this go away. All Windows updates have been installed and show in Windows Update history. Any directions would be appreciated.

Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud

1 answer

  1. Andrew Blumhardt 10,071 Reputation points Microsoft Employee
    2025-05-14T21:39:34.8366667+00:00

    Maybe I can share a screenshot instead. Are you talking about the "Machines should have vulnerability findings resolved" finding "Update Microsoft .net Framework"?

    This recommendation can be somewhat transient since it is largely driven by missing software updates with new updates being available on a regular basis. Defender for Servers includes a Defender for Endpoint license. You will see similar recommendations for MDE in the Defender for XDR portal and may also have patch tracking from Intune.

    When you drill into the recommendation, it shows every CVE associated with the outdated software. Many of these CVEs date back years, though your only point of interest is that there is a missing .NET patch. You might even consider a targeted exemption for .NET if you are unable to resolve.

    I think you are overly focused on the CVE list here. Just know that this simply states there is a new version available.

    1 person found this answer helpful.
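
One way to see which .NET Framework and .NET (Core) runtime versions are actually present on a VM, so they can be compared with the software and version named in the recommendation. This is an added example, not part of the question or the answer; it assumes the default install locations under Program Files and the standard .NET Framework 4.x registry key, and the function name is hypothetical.

```powershell
# Added example: inventory the .NET versions present on this machine.
# Assumes default install paths; Get-DotNetInventory is a hypothetical helper name.
function Get-DotNetInventory {
    # .NET Framework 4.x is updated in place and identified by Version/Release.
    $ndp = 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full'
    if (Test-Path $ndp) {
        $fx = Get-ItemProperty -Path $ndp
        [pscustomobject]@{
            Family  = '.NET Framework'
            Version = $fx.Version
            Detail  = "Release=$($fx.Release)"
            Path    = $ndp
        }
    }

    # .NET (Core) runtimes: every installed version has its own folder
    # under dotnet\shared\<family>\<version>, for both 64-bit and 32-bit roots.
    $roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }
    foreach ($root in $roots) {
        $shared = Join-Path $root 'dotnet\shared'
        if (-not (Test-Path $shared)) { continue }
        foreach ($family in Get-ChildItem -Path $shared -Directory) {
            foreach ($ver in Get-ChildItem -Path $family.FullName -Directory) {
                [pscustomobject]@{
                    Family  = $family.Name
                    Version = $ver.Name
                    Detail  = "Modified=$($ver.LastWriteTime.ToString('yyyy-MM-dd'))"
                    Path    = $ver.FullName
                }
            }
        }
    }
}

$inventory = @(Get-DotNetInventory)
$inventory | Sort-Object Family, Version | Format-Table -AutoSize

# Runtime families with more than one version folder on disk, listed together
# so each version can be checked against the one the recommendation flags.
$inventory | Group-Object Family | Where-Object { $_.Count -gt 1 } |
    ForEach-Object {
        '{0}: {1}' -f $_.Name, (($_.Group.Version | Sort-Object) -join ', ')
    }
```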