Vulnerabilities
The Vulnerabilities section provides an overview of detected vulnerabilities on computers. The computer is scanned to detect any installed software vulnerable to security risks. Automated scanning with instant reporting to the console allows you to prioritize vulnerabilities based on severity, manage security risks and allocate resources effectively. A wide range of filtering options allows you to identify and focus on critical security issues.
|
Prerequisites To view and enable ESET Vulnerability & Patch Management, ensure you have one of the following tiers: •ESET PROTECT Elite •ESET PROTECT Complete •ESET PROTECT MDR You can enable ESET Vulnerability & Patch Management only on Windows computers running: •ESET Management Agent version 10.1+ •ESET Endpoint Security for Windows version 10.1+ •ESET Endpoint Antivirus for Windows version 10.1+ •ESET Server Security for Microsoft Windows Server version 11.0+ |
|
ESET Vulnerability & Patch Management is not supported on ARM processors. |
Enable Vulnerability & Patch Management
1.Click Computers.
2.Select the computer/group where you want to enable Vulnerability & Patch Management.
3.Select Solutions and click Enable Vulnerability & Patch Management.
4.In the Enable Vulnerability & Patch Management window:
a.Verify the Auto-patch management for applications toggle is enabled to automatically apply missing patches to the selected computers.
b.Verify the Operating system auto-updates toggle is enabled to automatically apply OS updates to the selected computers.
|
Operating system auto-updates are only available for ESET Endpoint for Windows 11.0 and later. |
c.The license is pre-selected.
d.Click the Enable button.
When Vulnerability & Patch Management is enabled:
•The 
Vulnerabilities icon appears next to the computer name.
•You can see the Vulnerability & Patch Management tile with the Active status in computer details.
|
Some applications require a computer restart and can restart computers automatically after an upgrade. |
|
Some applications (for example, TeamViewer) can be licensed to a specific version. Revise your applications. To avoid an unnecessary upgrade, set Auto-patch strategy > Patch all except excluded applications while creating a policy. |
View Vulnerabilities
You can view Vulnerabilities from several places:
•Click Vulnerabilities in the main menu to open the Vulnerabilities section and view a list of vulnerabilities.
•Click Computers > click the computer and click Details > in the Vulnerability & Patch Management tile, click Show vulnerabilities to open the Vulnerabilities section.
•Click Computers > in the Vulnerabilities column, click the number of vulnerabilities on the selected computer to open the Vulnerabilities section.
Grouping of vulnerabilities
To group vulnerabilities, select from the drop-down menu:
•Ungrouped—default view
•Group by Application Name—vulnerabilities are grouped by vulnerable application name, with numbers of Affected Devices and Vulnerabilities. When grouped, click an application row and click Show Vulnerabilities to display vulnerabilities for the selected application.
•Group by CVE—vulnerabilities are grouped by the CVE (Common Vulnerabilities and Exposure) number. A CVE is an identification number of a vulnerability. When grouped, click a CVE row and click Show Devices to display devices (computers) with the vulnerability.
Filtering the view
To add filtering criteria, click Add Filter and select item(s) from the list. Type the search string(s) or select the items from the drop-down menu in the filter field(s) and press Enter. Active filters are highlighted in blue.
•Application name—the application name with the vulnerability
•Application version—the application version
•Application vendor—the application vendor with the vulnerability
•Risk score—vulnerability risk score from 0 to 100
•CVE—a CVE (Common Vulnerabilities and Exposure) number, which is an identification number of a vulnerability
•Computer name—the name of the affected computer; click the computer name to view the details of the computer with the vulnerability
•Category—Vulnerability category:
oApplication vulnerability
oOperating system vulnerability
•First seen—The date and time when the vulnerability was first detected on the device
|
Risk score—assesses the severity of computer system security vulnerabilities. A risk score is calculated on the following: •CVSSv2/CVSSv3 •CVE popularity—indicates the vulnerability activity level •Compromised risk rate—indicates the number of devices with confirmed vulnerability •CVE lifecycle—indicates the time elapsed since the vulnerability was first reported A risk score is indicated in: •grey (0–29)—low severity •yellow (30–59)—medium severity •red (60–100)—critical severity |
Vulnerability preview
Click an application name to view vulnerability details in a side panel. Vulnerability preview manipulation includes:
•
Next—displays the next vulnerability in the vulnerability preview side panel
•
Previous—displays the previous vulnerability in the vulnerability preview side panel
•
Manage content for Vulnerability Details—manages how the vulnerability preview side panel sections are displayed and in what order
•
Close—closes the vulnerability preview side panel
For more information, refer to the list of apps covered in Vulnerabilities.
Mute/Unmute Vulnerability
You can mute or unmute vulnerability on devices:
•Click the computer row and click Mute Vulnerability/Unmute Vulnerability
•Select the computer and click the Mute Vulnerability/Unmute Vulnerability button at the bottom of the page
•Select the computer and click the Actions button, then select Mute Vulnerability/Unmute Vulnerability
Vulnerability scan
You can start immediate vulnerability and missing patches scan on a selected device:
•Click the computer row and select Computer > Scan > Vulnerability scan
•Select the computer and click the Actions button, then select Computer > Scan > Vulnerability scan
•Select any group, click then select Tasks > Scan > Vulnerability scan
Task Start vulnerability scan is scheduled to execute as soon as possible.
|
The task may have a higher demand on the device resources for up to 10 minutes. |
You can create a report template with vulnerability data and then add the report to the Dashboard.
For more information, see Vulnerability & Patch Management FAQ.