This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 32%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMO%3C/text%3E%3C/svg%3E)
Just found out that the reporting of the 1900 device vulns in MSFT DEF is grossly wrong.
There are a ton of vulns that are very, very clearly stale. This would have an adverse impact on SecureScore - and that is a huge problem as that's a core Security KPI.
Will anyone from MSFT Support address this or am I at the mercy of the forum? :-)
A cloud-native solution that protects workloads across hybrid and multi-cloud environments with threat detection and security recommendations
Seriously - the "answer" was to start going through all the vulns? One by one????
That is so not an answer. I am looking for MSFT guidance from a HUMAN :-)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 28.000000000000004%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECK%3C/text%3E%3C/svg%3E)
Hi Michael O'Hara,
According to Microsoft, Defender for Endpoint continuously analyzes endpoint data, and "vulnerability assessments are refreshed continuously and automatically using Microsoft threat intelligence" this means updates can occur without waiting for a full device scan, although local scans do contribute additional context.
Reference: -https://learn.microsoft.com/en-us/answers/questions/5447802/vulnerability-update-frequency
If none of this works, raising a support ticket is the recommended route. To Raise a support Ticket:
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 10%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Following up to check if the resolution provided above was helpful. Please let us know if you need any further assistance.
This "response" is not helpful. I have already tried to open a case - and the BYZANTINE "support process" feeds me back to only one outcome - I never get the speak with a human. All I get is a link.
Following up to check if the resolution provided was helpful. Please let us know if you need any further assistance.
We'll try steps recommended by Shubham - will close this for now.
Thank you for the confirmation.
Hello Michael O'Hara
Thank you for reaching out to Microsoft Q&A.
Here’s some guidance on how Defender pulls in and updates those findings, plus a few things you can try to clean up the noise:
Reference docs:
• Monitor vulnerabilities using Defender Vulnerability Management https://docs.microsoft.com/azure/defender-for-cloud/deploy-vulnerability-assessment-tvm
• Integrate Defender for Cloud with Defender for Endpoint https://docs.microsoft.com/azure/defender-for-cloud/integration-defender-for-endpoint
• What is Defender Vulnerability Management? https://docs.microsoft.com/microsoft-365/security/defender-endpoint/next-gen-threat-and-vuln-mgt
Let us know if the above steps help
Thanks