Vulnerability support in Microsoft Defender Vulnerability Management
Having accurate and up-to-date information about security vulnerabilities that could threaten your organization, and information on steps to help prevent them, is essential for keeping your organization secure.
- The Weaknesses page in Defender Vulnerability Management lists the software vulnerabilities your devices are exposed to.
- The Recommendations page provides prioritized recommendations to help shorten the time to mitigate or remediate vulnerabilities.
If you come across missing or incorrect vulnerability information for your organization, you can use the report inaccuracy capability available for both weaknesses and recommendations to report false positives, inaccuracies, or incomplete information.
This article provides information on inaccuracies that have been reported. You can use it to determine if new or updated vulnerability support has been added, or if support isn’t currently available.
Note
The tables may also include updates based on vulnerability support queries from ICMs or in response to customer requests.
The following tables present the relevant vulnerability information organized by month:
October 2023
| Inaccuracy report ID | Description | Fix date |
|---|---|---|
| 32689 | Fixed inaccuracy in Kernel Module Extra | 11-Oct-23 |
| - | Fixed inaccuracies in Exim vulnerabilities | 11-Oct-23 |
| 33312 | Updated End of Support details for acrobat and acrobat reader version 2017 | 11-Oct-23 |
| - | Fixed inaccuracy in CVE-2023-38545 | 12-Oct-23 |
| 32734 | Fixed inaccuracy in Thunderbird | 19-Oct-23 |
| - | Added Microsoft Defender Vulnerability Management support to Jetbrains Teamcity | 22-Oct-23 |
| 36144 | Fixed inaccuracy in CVE-2023-3935 | 23-Oct-23 |
| 32979 | Fixed inaccuracy in Bloomberg | 25-Oct-23 |
| - | Fixed inaccuracy in Curl normalization | 25-Oct-23 |
| - | Fixed inaccuracy in Progress - WS FTP Server | 25-Oct-23 |
| - | Added Microsoft Defender Vulnerability Management support to SQL server 2022 | 26-Oct-23 |
| - | Added accurate End of Life details for Flash Player | 30-Oct-23 |
| 32020 | Fixed inaccuracy in Fiddler Everywhere | 30-Oct-23 |
| 35189 | Fixed inaccuracy in OpenSSL for Magnet Forensics | 30-Oct-23 |
| 31139 | Fixed inaccuracy in CVE-2023-3935 | 31-Oct-23 |
| - | Fixed inaccuracy in CVE-2023-31102 | 31-Oct-23 |
| - | Fixed inaccuracy in CVE-2022-43946 | 31-Oct-23 |
| 33380 | Fixed inaccuracy in CVE-2023-32558 | 31-Oct-23 |
| - | Fixed inaccuracy in CVE-2014-5455 | 31-Oct-23 |
September 2023
| Inaccuracy report ID | Description | Fix date |
|---|---|---|
| - | Added accurate EOS details for Redis | 04-Sep-23 |
| 31688 | Fixed inaccuracy in CVE-2023-38831 and CVE-2023-40477 | 05-Sep-23 |
| 31898 | Fixed Inaccuracy in CVE-2023-4373 | 05-Sep-23 |
| 30809 | Fixed inaccuracy in FireEye path of OpenSSL | 05-Sep-23 |
| 31651 | Microsoft Defender Vulnerability Management doesn't currently support CVE-2022-0778 | 12-Sep-23 |
| 31590 | Fixed inaccuracy in Dell Command Update | 12-Sep-23 |
| 30966 | Microsoft Defender Vulnerability Management doesn't currently support Lenovo ThinkPad models: X1 Yoga 3rd Gen and X13 3rd Gen | 12-Sep-23 |
| 29892 | Microsoft Defender Vulnerability Management doesn't currently support OpenBSI | 12-Sep-23 |
| 29634 | Fixed inaccuracy in CVE-2019-14568 | 13-Sep-23 |
| - | Microsoft Defender Vulnerability Management doesn't currently support IBM Business Process Monitor | 12-Sep-23 |
| 27242 | Fixed inaccuracy in Forticlient | 13-Sep-23 |
| 30770 | Fixed inaccuracy in MySQL WorkBench | 13-Sep-23 |
| 32471 | Fixed inaccuracy in CVE-2023-40481 | 19-Sep-23 |
| 32114 | Microsoft Defender Vulnerability Management doesn't currently support MitsubishiElectric GX Works3 | 19-Sep-23 |
| 30581 | Fixed inaccuracy in CVE-2022-35909 | 21-Sep-23 |
| - | Fixed Inaccuracy in Cisco Secure Client | 21-Sep-23 |
August 2023
| Inaccuracy report ID | Description | Fix date |
|---|---|---|
| - | Fixed inaccuracy in Acrobat Reader DC | 02-Aug-23 |
| 29672 | Fixed inaccuracy in RedHat Kernel Devel and CentOS Kernel Devel | 03-Aug-23 |
| - | Fixed inaccuracy in NetScaler Gateway Plugin | 03-Aug-23 |
| - | Added Microsoft Defender Vulnerability Management support for Azul products | 09-Aug-23 |
| 30082 | Fixed inaccuracy in CVE-2022-43946 | 09-Aug-23 |
| - | Added accurate EOS details for Outlook (2010 & 2013) and Office build versions: (2304,2305,1902,1908,2008,2202) | 10-Aug-23 |
| 30002 | Fixed inaccuracy in KeePass versions | 10-Aug-23 |
| - | Added Microsoft Defender Vulnerability Management support to ODBC and OLEDB | 10-Aug-23 |
| 29552 | Fixed inaccuracy in Dell Command Update | 14-Aug-23 |
| - | Fixed inaccuracy in CVE-2021-36234 | 22-Aug-23 |
| - | Fixed inaccuracy in CVE-2021-36283 | 22-Aug-23 |
| 30303 | Microsoft Defender Vulnerability Management doesn't currently support Lenovo ThinkPad models: E15-gen 4, L13, L490, T490, T490s, and T470s | 29-Aug-23 |
| 29397 | Fixed inaccuracy in Microsoft PowerShell | 29-Aug-23 |
| 31279 | Fixed inaccuracy in Azul Zulu | 29-Aug-23 |
| - | Fixed inaccuracy in CVE-2021-36324 | 30-Aug-23 |
July 2023
| Inaccuracy report ID | Description | Fix date |
|---|---|---|
| 24162 | Fixed inaccuracy in MYSQL Workbench | 04-Jul-23 |
| 25736 | Fixed inaccuracy in KeePass | 04-Jul-23 |
| 24598 | Fixed inaccuracy in Adobe Flash Player plugins | 04-Jul-23 |
| - | Lenovo CVEs not currently supported by Defender Vulnerability Management: CVE-2021-3519, CVE-2021-22499, CVE-2021-22500, CVE-2021-22514 | 03-Jul-23 |
| - | Added Microsoft Defender Vulnerability Management support for Arcserve UDP | 05-Jul-23 |
| - | Added accurate EOS details for Log 4j versions | 05-Jul-23 |
| 27379 | Fixed inaccuracy in Adobe Animate | 06-Jul-23 |
| - | Added Arcserve UDP affected product details in CVE-2023-26258 | 05-Jul-23 |
| 26391 | Fixed inaccuracy in CVE-2020-26941 | 09-Jul-23 |
| 25245 | Fixed inaccuracy in CVE-2022-40011 | 11-Jul-23 |
| - | Added Defender Vulnerability Management support for Microsoft PowerBI Desktop | 13-Jul-23 |
| - | Added zero-day details for CVE-2023-36884 | 12-Jul-23 |
| 26421 | Defender Vulnerability Management doesn't currently support: ThinkCentre M75q Gen 2 & ThinkPad l390 Firmware | 14-Jul-23 |
| 23876 | Fixed inaccurate recommendation in Microsoft Teams CVE-2023-24881 | 20-Jul-23 |
| 25969 | Fixed inaccuracy in Siemens Sinec NMS | 24-Jul-23 |
| - | Added EOS details for Windows Server 2012 & Windows Server 2012 R2 | 25-Jul-23 |
| 29096 | Fixed inaccurate detection of Slack version 1.0.0.0 | 25-Jul-23 |
| 27941 | Defender Vulnerability Management doesn't currently support Application Performance Management | 25-Jul-23 |
| 26116 | Fixed inaccuracy in HP CVEs: CVE-2021-33159, CVE-2022-26845, CVE-2022-27497, CVE-2022-29893 | 27-Jul-23 |
| 25809 | Defender Vulnerability Management doesn't currently support: Visio 2010, 2013, 2016 & 2019 | 31-Jul-23 |
| 25810 | Defender Vulnerability Management doesn't currently support Project 2019 | 31-Jul-23 |
| 28176 | Fixed inaccuracy in VMWare Tools CVE-2021-31693 | 31-Jul-23 |
| 29089 | Fixed inaccuracy in CVE-2023-24329 | 31-Jul-23 |
| 28489 | Fixed inaccuracy in CVE-2020-9484 | 31-Jul-23 |
| 28385 | Fixed inaccuracy in CVE-2023-28759 | 31-Jul-23 |
June 2023
| Inaccuracy report ID | Description | Fix date |
|---|---|---|
| 24147 | Fixed inaccuracy in CVE-2023-29338 | 5-Jun-23 |
| 24145 | Fixed inaccurate detections in product - dbeaver | 06-Jun-23 |
| 23877 | Disabled Defender Vulnerability Management assessment for oracle_ bpftool | 06-Jun-23 |
| 24620 | Disabled Defender Vulnerability Management for synology_chat | 12-Jun-23 |
| 25091 | Updated inaccurate EOS date for oracle_jdk version 7 | 15-Jun-23 |
| 23425 | Fixed inaccurate detections in mongodb & mongosh | 21-Jun-23 |
| 23188 | Fixed inaccurate detections in oracle: vm_virtualbox & vm_virtualbox_guest_additions | 21-Jun-23 |
| 25559 | Fixed inaccuracy in Halo version -1.0.0.0 | 22-Jun-23 |
| 25762 | Fixed inaccuracy in CVE-2022-48435 | 28-Jun-23 |
| 25639 | Fixed inaccurate file path detections in apache_commonsText | 28-Jun-23 |
| 26367 | Fixed inaccurate file path detections in Winrar | 28-Jun-23 |
| 27146 | Fixed inaccuracy in Windows 2012 r2 - KB5012170 | 28-Jun-23 |
| 22866 | Fixed normalization issue in dell optiplex_7470_ firmware | 29-Jun-23 |
Feedback
Submit and view feedback for