cancel
Showing results for 
Search instead for 
Did you mean: 

Microarchitectural Data Sampling (MDS) Vulnerabilities [Intel] - Do SVM detect and report on it?

Microarchitectural Data Sampling (MDS) Vulnerabilities [Intel] - Do SVM detect and report on it?

Intel has recently disclosed new 'speculative execution' vulnerabilities  that affect millions of computers with Intel processors. Many tech giants already issued a patch, including Microsoft. Software Vulnerability Manager can detect the security flaws and the missing Microsoft update KB that needs installing.

The vulnerabilities are listed in SA89022 and detected on systems that are not obstructed to fetch Windows Update information from the source that has been configured under Configuration > Settings in SVM 2019. (Settings > Assessment > Scan Configuration in SVM Next). 

SA89022 Full.png

NOTE: If your Windows Update setting in SVM 2019 is set to Managed Server or WMI Check (alone), ensure that KB4499164 (Windows 7) and all other required KBs (for other flavors) are imported to your System Center Configuration Manager database, or imported manually in WSUS and Approved for all hosts. Only then clients can get the data which systems are missing the KBs. 


SA89022.PNG

If your Windows Update settings are set to Online servers or CAB file, you should get the KBs directly in any of your SVM editions only on the systems that have unobstructed online access. 

wu detection.jpg

Tip: Create new host-based Smart Group and use the Missing KB criteria to track every system being impacted in a separate group for proper visibility. 

smart groups MDS.jpg

Was this article helpful? Yes No
No ratings
Version history
Revision #:
4 of 4
Last update:
‎May 16, 2019 02:05 PM
Updated by:
 
Contributors