Vulnerability support in Microsoft Defender Vulnerability Management
Article
Having accurate and up-to-date information about security vulnerabilities that could threaten your organization, and information on steps to help prevent them, is essential for keeping your organization secure.
The Weaknesses page in Defender Vulnerability Management lists the software vulnerabilities your devices are exposed to.
The Recommendations page provides prioritized recommendations to help shorten the time to mitigate or remediate vulnerabilities.
If you come across missing or incorrect vulnerability information for your organization, you can use the report inaccuracy capability available for both weaknesses and recommendations to report false positives, inaccuracies, or incomplete information.
This article provides information on inaccuracies that have been reported. You can use it to determine if new or updated vulnerability support has been added, or if support isn't currently available.
Note
The tables may also include updates based on vulnerability support queries from ICMs or in response to customer requests.
The following tables present the relevant vulnerability information organized by month:
May 2024
Inaccuracy report ID
Description
Fix date
-
Fixed inaccuracy in Microsoft Visual Studio Code
06-May-24
-
Added Microsoft Defender Vulnerability Management support to NextGen Mirth Connect
08-May-24
54538
Fixed inaccuracy in Pippo product
08-May-24
-
Fixed inaccuracy in FortiClient Endpoint Management
08-May-24
April 2024
Inaccuracy report ID
Description
Fix date
46816
Fixed inaccuracy in Telerik Progress
01-Apr-24
-
Fixed inaccuracy in CVE-2024-28916
01-Apr-24
-
Fixed inaccuracies in OpenSSL invalid file detections
01-Apr-24
48792
Fixed inaccuracy in CVE-2023-4895
02-Apr-24
-
Fixed invalid version detections in Anydesk
02-Apr-24
50593
Fixed inaccuracy in CVE-2023-6237
02-Apr-24
-
Defender Vulnerability Management doesn't currently support CVE-2024-27088
02-Apr-24
44989
Fixed inaccuracy in Ubuntu & Debian Samba
03-Apr-24
49233
Fixed inaccuracy in Suse Kernel-devel
03-Apr-24
35636
Fixed inaccuracy in Azul Zulu
08-Apr-24
48792
Fixed inaccuracy in CVE-2021-32823
09-Apr-24
53310
Fixed inaccuracy in CVE-2020-8284
14-Apr-24
53315
Defender Vulnerability Management doesn't currently supportĀ ThinkPad P14S Gen3
15-Apr-24
49836
Fixed inaccuracies in OpenEdge invalid file detections
15-Apr-24
48996
Fixed inaccuracy in Connectwise ScreenConnect Client
16-Apr-24
-
Fixed inaccurate product considerations in Apple
16-Apr-24
49565
Fixed inaccuracy in GitHub vulnerabilities - CVE-2012-2055 and CVE-2024-0727
16-Apr-24
March 2024
Inaccuracy report ID
Description
Fix date
-
Defender Vulnerability Management doesn't currently support CVE-2023-4966
05-Mar-24
47296
Defender Vulnerability Management doesn't currently support Bitdefender Vulnerabilities - CVE-2017-17408, CVE-2017-17409 & CVE-2017-17410
05-Mar-24
45748
Fixed inaccuracy in Zscaler Client Connector
14-Mar-24
-
Fixed inaccuracies in Weblogic Server invalid file detections
19-Mar-24
49672
Fixed inaccuracy in CVE-2024-0819
20-Mar-24
30583
Fixed inaccuracy in Opera Browser
21-Mar-24
-
Fixed inaccuracy in Autodesk Civil 3D and Anydesk
21-Mar-24
44979
Defender Vulnerability Management doesn't currently support CVE-2017-13774
26-Mar-24
46812
Fixed inaccuracy in Dell Supportassist
26-Mar-24
48178
Fixed inaccuracy in RuneLite
26-Mar-24
49660
Fixed inaccuracy in RSUPPORT RemoteView Agent
26-Mar-24
46828
Defender Vulnerability Management doesn't currently support OsiSoft Pi Server
26-Mar-24
48034
Defender Vulnerability Management doesn't currently support CVE-2023-35637
26-Mar-24
-
Fixed inaccuracy in Adobe Acrobat Reader and Reader DC
26-Mar-24
46021
Defender Vulnerability Management doesn't currently support CVE-2023-6129
26-Mar-24
-
Fixed inaccuracy in Ultraedit
26-Mar-24
-
Defender Vulnerability Management doesn't currently support CVE-2023-47248
26-Mar-24
-
Fixed inaccuracy in CVE-2024-20337
26-Mar-24
-
Fixed inaccuracy in Python
26-Mar-24
-
Fixed inaccuracy in Mitel 6920 & 6930 Firmwares
31-Mar-24
February 2024
Inaccuracy report ID
Description
Fix date
-
Fixed inaccuracy in Snow Inventory Agent
06-Feb-24
42360
Fixed inaccuracy in GitHub vulnerabilities - CVE-2020-10519 and CVE-2021-22863
12-Feb-24
44875
Fixed inaccuracy in Zoom Meetings for macOS
14-Feb-24
45686
Fixed inaccuracy in ConnectWise Control (Formerly known as ScreenConnect)
14-Feb-24
45559
Added Microsoft Defender Vulnerability Management support to Forta GoAnyWhere MFT
14-Feb-24
-
Added Microsoft Defender Vulnerability Management support to BeyondTrust Remote Support Jump Client
14-Feb-24
-
Fixed inaccuracy in Ignite Real Time
14-Feb-24
-
Added Microsoft Defender Vulnerability Management support to Ivanti (Pulse Secure) February released Vulnerabilities
20-Feb-24
-
Defender Vulnerability Management doesn't currently support SAP GUI
21-Feb-24
46606
Defender Vulnerability Management doesn't currently support Postgresql
21-Feb-24
47700
Defender Vulnerability Management doesn't currently support Adobe Digital Editions
21-Feb-24
45297
Fixed inaccuracy in Tera Term vulnerability - CVE-2023-48995
22-Feb-24
-
Fixed invalid version detections in Control & Control Client
23-Feb-24
-
Added Microsoft Defender Vulnerability Management support to ConnectWise Control vulnerabilities - CVE-2024-1708 & CVE-2024-1709
23-Feb-24
43472
Added correct version details in all FortiClient CVEs
25-Feb-24
45727
Added Microsoft Defender Vulnerability Management support to Box Tools & Box for Office products
26-Feb-24
47045
Fixed inaccuracy issues in April 2021 GitLab Vulnerabilities
26-Feb-24
47174
Added accurate EOS details for SQL Server Editions
26-Feb-24
46416
Fixed inaccuracy in Oracle Kernel-uek-modules
28-Feb-24
January 2024
Inaccuracy report ID
Description
Fix date
30873
Fixed inaccuracy in Apache Tomcat
08-Jan-24
31664
Fixed inaccuracy in OpenSSL
08-Jan-24
30674
Fixed inaccuracy in Microsoft Visio
08-Jan-24
30674
Fixed inaccuracy in Microsoft Office
08-Jan-24
35382
Fixed inaccuracy in MySQL connector
08-Jan-24
38235
Fixed inaccuracy in Python
10-Jan-24
-
Defender Vulnerability Management doesn't currently support Atlassian Confluence
10-Jan-24
-
Fixed inaccuracy in JetBrains TeamCity and JetBrains IntelliJ IDEA
10-Jan-24
41860
Defender Vulnerability Management doesn't currently support Lenovo ThinkPad T480 Firmware
10-Jan-24
41049
Defender Vulnerability Management doesn't currently support Lenovo ThinkCentre M700 Firmware
10-Jan-24
25969
Defender Vulnerability Management doesn't currently support Siemens Sinec NMS
10-Jan-24
39167
Defender Vulnerability Management doesn't currently support Avaya IP Office
10-Jan-24
-
Fixed inaccuracy in Palo Alto Networks - Global Protect
10-Jan-24
38038
Fixed inaccuracy in CVE-2022-3167
16-Jan-24
40269
Fixed inaccuracy in CVE-2023-46587
16-Jan-24
36968
Fixed inaccuracies in Lenovo August 2021 released Vulnerabilities
16-Jan-24
41041
Fixed inaccurate CVEs of Samsung Health
16-Jan-24
38717
Defender Vulnerability Management doesn't currently support CVE-2023-36397
17-Jan-24
43673
Defender Vulnerability Management doesn't currently support Lenovo ThinkPad T14 Gen 2 Firmware
17-Jan-24
43513
Fixed inaccuracies in OpenSSL invalid file detections
17-Jan-24
41204
Fixed inaccuracy in Affinity photo
21-Jan-24
40584
Fixed inaccuracy in Veeam One Client
21-Jan-24
40704
Fixed inaccuracy in Windows Subsystem for Linux(WSL)
21-Jan-24
43600
Fixed inaccuracy in Dell RVTools
21-Jan-24
43378
Fixed inaccuracy in Decisive Tactics Serial
21-Jan-24
43466
Fixed inaccuracy in Intel- Dynamic Tuning Technology (DTT)
21-Jan-24
35750
Fixed inaccuracy in Bitdefender Internet Security
21-Jan-24
44190
Fixed inaccuracy in CVE-2023-48670
29-Jan-24
43565
Fixed inaccuracy in WinSCP Vulnerability - CVE-2023-48795
30-Jan-24
-
Fixed detection issues in Ignite Realtime Openfire
30-Jan-24
-
Fixed inaccuracy in GitLab
30-Jan-24
-
Added Microsoft Defender Vulnerability Management support to SAP Business Client
30-Jan-24
-
Added Microsoft Defender Vulnerability Management support to SAP GUI
30-Jan-24
-
Added Microsoft Defender Vulnerability Management support to PostgreSQL
30-Jan-24
-
Added Microsoft Defender Vulnerability Management support to Adobe Digital Editions
30-Jan-24
-
Fixed inaccuracy in Python Anaconda3
30-Jan-24
December 2023
Inaccuracy report ID
Description
Fix date
-
Added Microsoft Defender Vulnerability Management support to SysAid Server
05-Dec-23
-
Removed CVE 'TVM-0001-00000000' from Defender Vulnerability Management
05-Dec-23
33439
Fixed inaccuracies in IBM Maximo CVEs
05-Dec-23
38186
Fixed inaccuracy in CVE-2020-36160
05-Dec-23
38705
Fixed inaccuracies in November released Veeam ONE CVEs
05-Dec-23
-
Added End of Support details for Intel HAXM
05-Dec-23
36856
Defender Vulnerability Management doesn't currently support Click Studios-Passwordstate
05-Dec-23
33377
Defender Vulnerability Management doesn't currently support IBM Db2
05-Dec-23
35256
Fixed inaccuracy in Techsmith Snagit
10-Dec-23
39620
Fixed inaccuracy in Adobe Audition
10-Dec-23
39542
Fixed inaccuracy in Splunk Vulnerabilities- CVE-2021-22570, CVE-2022-31799, CVE-2023-24329, CVE-2023-3817, CVE-2023-3446
19-Dec-23
39620
Fixed inaccuracy in CVE-2023-28388
19-Dec-23
35256
Fixed inaccuracy in CVE-2020-11541
19-Dec-23
41330
Fixed inaccuracy in CVE-2023-22524
19-Dec-23
-
Fixed inaccuracy in Progress OpenEdge
20-Dec-23
27605
Fixed inaccuracy in Maltego
20-Dec-23
November 2023
Inaccuracy report ID
Description
Fix date
35498
Fixed inaccuracy in CVE-2023-38802
05-Nov-23
34698
Fixed normalization inaccuracy in Condor Team
05-Nov-23
36594
Fixed inaccurate file path detections in Cisco Secure Client
12-Nov-23
37041
Fixed inaccuracy in OpenVPN
12-Nov-23
36808
Fixed inaccurate file path detections in Zoom Meetings
15-Nov-23
33837
Defender Vulnerability Management doesn't currently support IBM Cognos Analytics
15-Nov-23
37041
Fixed inaccuracy in CVE-2021-3606
15-Nov-23
37408
Fixed inaccuracy in Kernel Module Core
15-Nov-23
37440
Added accurate End of Life details for Oracle JDK versions
26-Nov-23
-
Fixed inaccuracy in CVE-2023-47246
26-Nov-23
36774
Fixed inaccuracies in October released Node.js CVEs
26-Nov-23
29643
Fixed inaccurate detections in Palo Alto Networks - Global Protect
29-Nov-23
36459
Defender Vulnerability Management doesn't currently support Siemens Simatic WinCC Runtime
29-Nov-23
36348
Fixed inaccurate file path detections in PHP
29-Nov-23
October 2023
Inaccuracy report ID
Description
Fix date
32689
Fixed inaccuracy in Kernel Module Extra
11-Oct-23
-
Fixed inaccuracies in Exim vulnerabilities
11-Oct-23
33312
Updated End of Support details for acrobat and acrobat reader version 2017
11-Oct-23
-
Fixed inaccuracy in CVE-2023-38545
12-Oct-23
32734
Fixed inaccuracy in Thunderbird
19-Oct-23
-
Added Microsoft Defender Vulnerability Management support to Jetbrains Teamcity
22-Oct-23
36144
Fixed inaccuracy in CVE-2023-3935
23-Oct-23
32979
Fixed inaccuracy in Bloomberg
25-Oct-23
-
Fixed inaccuracy in Curl normalization
25-Oct-23
-
Fixed inaccuracy in Progress - WS FTP Server
25-Oct-23
-
Added Microsoft Defender Vulnerability Management support to SQL server 2022
26-Oct-23
-
Added accurate End of Life details for Flash Player
30-Oct-23
32020
Fixed inaccuracy in Fiddler Everywhere
30-Oct-23
35189
Fixed inaccuracy in OpenSSL for Magnet Forensics
30-Oct-23
31139
Fixed inaccuracy in CVE-2023-3935
31-Oct-23
-
Fixed inaccuracy in CVE-2023-31102
31-Oct-23
-
Fixed inaccuracy in CVE-2022-43946
31-Oct-23
33380
Fixed inaccuracy in CVE-2023-32558
31-Oct-23
-
Fixed inaccuracy in CVE-2014-5455
31-Oct-23
September 2023
Inaccuracy report ID
Description
Fix date
-
Added accurate EOS details for Redis
04-Sep-23
31688
Fixed inaccuracy in CVE-2023-38831 and CVE-2023-40477
05-Sep-23
31898
Fixed Inaccuracy in CVE-2023-4373
05-Sep-23
30809
Fixed inaccuracy in FireEye path of OpenSSL
05-Sep-23
31651
Microsoft Defender Vulnerability Management doesn't currently support CVE-2022-0778
12-Sep-23
31590
Fixed inaccuracy in Dell Command Update
12-Sep-23
30966
Microsoft Defender Vulnerability Management doesn't currently support Lenovo ThinkPad models: X1 Yoga 3rd Gen and X13 3rd Gen
12-Sep-23
29892
Microsoft Defender Vulnerability Management doesn't currently support OpenBSI
12-Sep-23
29634
Fixed inaccuracy in CVE-2019-14568
13-Sep-23
-
Microsoft Defender Vulnerability Management doesn't currently support IBM Business Process Monitor
12-Sep-23
27242
Fixed inaccuracy in Forticlient
13-Sep-23
30770
Fixed inaccuracy in MySQL WorkBench
13-Sep-23
32471
Fixed inaccuracy in CVE-2023-40481
19-Sep-23
32114
Microsoft Defender Vulnerability Management doesn't currently support MitsubishiElectric GX Works3
19-Sep-23
30581
Fixed inaccuracy in CVE-2022-35909
21-Sep-23
-
Fixed Inaccuracy in Cisco Secure Client
21-Sep-23
August 2023
Inaccuracy report ID
Description
Fix date
-
Fixed inaccuracy in Acrobat Reader DC
02-Aug-23
29672
Fixed inaccuracy in RedHat Kernel Devel and CentOS Kernel Devel
03-Aug-23
-
Fixed inaccuracy in NetScaler Gateway Plugin
03-Aug-23
-
Added Microsoft Defender Vulnerability Management support for Azul products
09-Aug-23
30082
Fixed inaccuracy in CVE-2022-43946
09-Aug-23
-
Added accurate EOS details for Outlook (2010 & 2013) and Office build versions: (2304,2305,1902,1908,2008,2202)
10-Aug-23
30002
Fixed inaccuracy in KeePass versions
10-Aug-23
-
Added Microsoft Defender Vulnerability Management support to ODBC and OLEDB
10-Aug-23
29552
Fixed inaccuracy in Dell Command Update
14-Aug-23
-
Fixed inaccuracy in CVE-2021-36234
22-Aug-23
-
Fixed inaccuracy in CVE-2021-36283
22-Aug-23
30303
Microsoft Defender Vulnerability Management doesn't currently support Lenovo ThinkPad models: E15-gen 4, L13, L490, T490, T490s, and T470s
29-Aug-23
29397
Fixed inaccuracy in Microsoft PowerShell
29-Aug-23
31279
Fixed inaccuracy in Azul Zulu
29-Aug-23
-
Fixed inaccuracy in CVE-2021-36324
30-Aug-23
July 2023
Inaccuracy report ID
Description
Fix date
24162
Fixed inaccuracy in MYSQL Workbench
04-Jul-23
25736
Fixed inaccuracy in KeePass
04-Jul-23
24598
Fixed inaccuracy in Adobe Flash Player plugins
04-Jul-23
-
Lenovo CVEs not currently supported by Defender Vulnerability Management: CVE-2021-3519, CVE-2021-22499, CVE-2021-22500, CVE-2021-22514
03-Jul-23
-
Added Microsoft Defender Vulnerability Management support for Arcserve UDP
05-Jul-23
-
Added accurate EOS details for Log 4j versions
05-Jul-23
27379
Fixed inaccuracy in Adobe Animate
06-Jul-23
-
Added Arcserve UDP affected product details in CVE-2023-26258
05-Jul-23
26391
Fixed inaccuracy in CVE-2020-26941
09-Jul-23
25245
Fixed inaccuracy in CVE-2022-40011
11-Jul-23
-
Added Defender Vulnerability Management support for Microsoft PowerBI Desktop
13-Jul-23
-
Added zero-day details for CVE-2023-36884
12-Jul-23
26421
Defender Vulnerability Management doesn't currently support: ThinkCentre M75q Gen 2 & ThinkPad l390 Firmware
14-Jul-23
23876
Fixed inaccurate recommendation in Microsoft Teams CVE-2023-24881
20-Jul-23
25969
Fixed inaccuracy in Siemens Sinec NMS
24-Jul-23
-
Added EOS details for Windows Server 2012 & Windows Server 2012 R2
25-Jul-23
29096
Fixed inaccurate detection of Slack version 1.0.0.0
25-Jul-23
27941
Defender Vulnerability Management doesn't currently support Application Performance Management
25-Jul-23
26116
Fixed inaccuracy in HP CVEs: CVE-2021-33159, CVE-2022-26845, CVE-2022-27497, CVE-2022-29893
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.