Apr 12, 2021
09:25 AM
2 Kudos
With AdminStudio 2021 just around the corner, I wanted to share what we've done to increase the value of the Package Feed Module. In the video below I talk about the improvements which include third party custom installation wizards for Windows Installer packages, validated silent uninstall command line details and icon images, as well as a demonstration. Let us know what you think!
... View more
Mar 16, 2021
02:34 PM
Yes, I expect Support will need to help you release the license from the decommissioned server. It is pretty straight forward, but in case it is unclear, you'll find some video instruction here.
... View more
Mar 16, 2021
09:33 AM
I don't want to make assumptions-- please open a ticket so the team can look at your case specifically. If you have AS 2020 Pro, you are entitled and we can help figure out what is going wrong and correct it.
... View more
Mar 16, 2021
09:22 AM
What edition of AdminStudio 2020? WSE is included with the Professional and Enterprise editions.
... View more
Mar 12, 2021
07:42 AM
Sorry for any confusion, as a back end data update, this change took place for the Threat Intelligence module for both SVR and SVM simultaneously. We happened to time it with the release of an SVR update but, as I tried to highlight in the title of this announcement, it affects both SVM and SVR.
... View more
Mar 11, 2021
08:24 AM
Yes @Shoggi I should have pointed out our status area highlights planned event like this update: https://status.flexera.com/
In this case: PST at 5am (UTC 1pm, AEST 12pm)
... View more
Mar 10, 2021
03:20 PM
Excellent feedback @tim_casey , I will investigate our ability to do so!
... View more
Mar 08, 2021
01:42 PM
1 Kudo
Exciting new improvements arrive soon to provide even more valuable Threat Scores so you can more accurately focus on those vulnerabilities more likely to be exploited. Specifically, we are planning to publish this update on Thursday, March 11 th .
Threat Scores in SVM help you to focus on the patches that will have the biggest impact on lowering your organizations risk in a more impactful way that by criticality alone. When you consider that less than 8% of disclosed vulnerabilities actually see an exploit in the wild, the value of an accurate Threat Score is clear. Further, if you were to focus on CVSS criticality values alone and prioritize those with a score higher than 7, you would miss as much as half the vulnerabilities that are exploited!
SVM provides incredible insights when positioning this valuable data alongside our vulnerability intelligence as well as how frequently (and where) such vulnerabilities exist in your environment. All this to help you do the very important job of prioritizing what patches you will address. SVM now provides the largest patch catalog on the market, so patching everything for you have a patch would be a massive undertaking considering new patches are released regularly. If you are like most enterprises and can only deploy about 1 in 10 patches, so choosing the right 10% is key to ensuring you focus on those most impactful.
This is why we are very excited to be making some significant improvements to this already valuable capability so many of our customers depend upon.
New rules
There are several new rules that may be triggered to increase the value of a Threat Score. The weighting of each is dependent upon if the rule was triggered recently or historically but include the following new additions:
Evidence an exploit is known to exist in the wild
If a proof of concept is confirmed to exist on how to remotely exploit the vulnerability
If a proof of concept is believed to exist on how to remotely exploit the vulnerability
If tools to exploit the vulnerability are known to have been developed
The existence of verified intelligence
Changes to weighting
As we added more rules that may be triggered, the severity (and value) of many of the existing rules has been carefully adjusted to ensure a valuable score.
To review the rules, their impact to the threat score and to review how they are calculated please see our updated product documentation on Threat Scores. When updated, the details on the rules, their affect and examples of how scores are calculated may be found here in our product documentation.
The result
The updates described will naturally result in changes to existing Threat Scores; some will increase, and others will decrease (and others may remain unchanged). If you have notifications based on Threat Scores, take special note that you may see a fluctuation upon the initial change scheduled for March 11 th , 2021.
Threat Score vs CVSS Score
I wanted to toss in a reminder Threat Score is quite independent of criticality. Something can have a very low criticality or a very high criticality and that is a measure of how bad it could be if it were exploited. The Threat Score is distinct from this with a focus on likelihood of exploitability. This means there can be a zero-day vulnerability (a vulnerability disclosed prior to the release of a patch) that has a very low Threat Score when we find no evidence anyone is working to exploit it.
Note: this score is dynamic, and changes based upon findings. We are also updating the frequency with which we update the Threat Score from once to twice per day as part of this enhancement.
... View more
Mar 02, 2021
10:49 AM
Can you confirm the product to which you are referring? I expect you may have meant to post this to the FNMS forum. I can move it for you if you'll confirm.
... View more
Feb 19, 2021
11:32 AM
Flexera conducts periodic failover tests of the Software Vulnerability Manager (SVM) service. We will be performing failover tests on Saturday, February 27th from 4 AM – 8 AM PST. The Software Vulnerability Manager service may have brief service outage during the following window as the service fails over to a different zone:
PST - Saturday, February 27th 4 AM – 8 AM UTC- Saturday, February 27th 12 PM – 4 PM AEDT - Saturday, February 27th 11 PM – Sunday, February 28th 3 AM Our SRE Team has a detailed plan to test our automated failover capabilities. If you notice any issues during the failover period or after the activity, please let us know immediately through your normal channels of communication with Flexera. As always, we welcome your feedback. If you have any questions or concerns about the above information, please let your Customer Success Manager, Project Manager, or our Support team know.
For the latest and similar announcements, please visit https://status.flexera.com
... View more
Feb 17, 2021
01:41 PM
Single Sign-On Enhancement
Based on customer feedback, Software Vulnerability Manager Cloud Edition now supports the initiation of Single Sign-On via an Identify Provider for authentication. You can click on choose single sign-on on the SVM login page and then provide your official email address to be automatically redirected to the configured Identity Provider in order to initiate the login process.
For more details, see Logging on to Software Vulnerability Manager Cloud Edition Using Single Sign-On.
Microsoft Intune Integration Enhancements
SVM can now wrap multiple paths in support of detection rules for a package by building such into a single PowerShell Script as a custom detection script.
There were some cases where a return code was not correctly sent back to Intune after installation on endpoints which resulted in an incorrect deployment status in the Intune console. This issue has now been addressed and a return code for all packages is now sent back to Intune for accurate tracking of package deployment status.
We recommend updating to the latest version of the Software Vulnerability Manager Client Toolkit (v4.0.342) for improved Intune support.
Patch Daemon Enhancement
If you were to generate a new token upon expiration, the Patch Daemon needed to be restarted in order for a successful connection. It can now handle new tokens without need for a restart.
Click here for full release note
... View more
Feb 16, 2021
08:48 AM
1 Kudo
To add on to this, I wanted to clarify that it is the focus of SVM to identify, prioritize and publish patches to address software vulnerabilities and that is seldom applicable to device drivers. Further, Dell and other manufacturers already make public patch catalogs available which can be easily leveraged natively within ConfigMgr via the SCUP catalogs they maintain.
The whitepaper on integrating with SCCM and SCUP is available End-to-End Deployment of Updates
... View more
Feb 11, 2021
03:02 PM
1 Kudo
As part of our Packaging Experts Roundtable series, we discussed Package Testing as our primary topic of February 2021.
We discuss, "Types of testing" (Requirements Analysis, Deployment/Launch Validation, Pilot/Functional Testing).
We discuss, "When to Test" (Identifying targets; identifying potential problems, validating at the command line, ensuring deployment is as expected, that the application functions as expected and the importance of learning from application specific lessons).
We discuss, "Who Should Test" (Packaging engineer themselves, Peer reviews, End users)
And finally, some ways AdminStudio can play a role in helping, including tests for:
Windows Compatibility
Conflicts with other packages
Conflicts with build images
Best practices
Virtualization / MSIX suitability
Java dependences
Check it out:
... View more
Re: how does flexera helps in knowing application level inventory ?.


Feb 01, 2021
07:40 AM
Feb 01, 2021
07:40 AM
Can you elaborate on what you mean by application level detailing?
Without completely understanding, I'll take a shot: AdminStudio decompresses setup imported in order to analyze its contents to determine application compatibility issues, conflicts, Java dependencies, etc. No up front knowledge of the setup is required.
... View more
Jan 29, 2021
02:00 PM
We are happy to have introduced the long-awaited capability of supporting the publishing of patches via Intune. We were repeatedly delayed as the necessary APIs remained in beta with Microsoft longer than anticipated. But they were finally released for general availability and we’ve leveraged them to provide our initial integration. In the spirit of agile, we were anxious to get the capability in your hands for real-world use outside our labs to accept your feedback. Below is a list of known issues and upcoming enhancements as of March 19 th , 2021. Fixes for the bulk of the known issues below are being worked on now, with many scheduled to be addressed in our February update.
Known Issues
If multiple paths are passed as detection rules, it will fail, if not all paths are available in the system. (Q1)
Workaround: Pass path that is relevant to the deployment machine. You can choose specific paths from Step 3 of the patch wizard.
For sps.exe, uninstall string may not be properly set right now, but such does not impact the installation of package. (Q1)
Today the install and uninstall string for SPS packages is set to the same value in Intune when a publish is made. A dummy uninstall string will be set in Intune for SPS packages. This does not impact the installation.
For some patches, a simple return code may not good enough to confirm a successful installation. It is possible a device may have got new software, but Intune interface could show a return code that suggests failure. (H1)
Planned Enhancements
The ability to pass deployment assignments from SVM (H1)
Certificate support for authentication (H1)
The ability to manage multiple detection rules and requirements (H1)
Ability to publish to multiple distribution system via single patch daemon (H2)
Automated Timestamp signing (H2)
The ability to leverage Intune for deployment of the SVM scan agent (Q1)
Is there more you'd like to see? Please leverage our Ideas portal to share and vote on the ideas of others!
... View more
About
Founder of ITNinja (formerly AppDeploy), author, Microsoft MVP and regular speaker on topics related to application and desktop management and security. Check out a portfolio of my work at https://www.bkelly.com
Director, Product Management
Charlotte, NC
Latest posts by bkelly
Subject | Views | Posted |
---|---|---|
32 | Apr 12, 2021 09:25 AM | |
27 | Mar 16, 2021 02:34 PM | |
115 | Mar 16, 2021 09:33 AM | |
127 | Mar 16, 2021 09:22 AM | |
259 | Mar 12, 2021 07:42 AM | |
314 | Mar 11, 2021 08:24 AM | |
341 | Mar 10, 2021 03:20 PM | |
447 | Mar 08, 2021 01:42 PM | |
123 | Mar 02, 2021 10:49 AM | |
128 | Feb 19, 2021 11:32 AM |
Activity Feed
- Posted Package Feed Module Enhancements Coming Soon! on AdminStudio Blog. Apr 12, 2021 09:25 AM
- Got a Kudo for Package Feed Module Enhancements Coming Soon!. Apr 12, 2021 09:25 AM
- Got a Kudo for Package Feed Module Enhancements Coming Soon!. Apr 12, 2021 09:25 AM
- Posted Re: Is wise script part of admin studio? on AdminStudio Forum. Mar 16, 2021 02:34 PM
- Posted Re: Is wise script part of admin studio? on AdminStudio Forum. Mar 16, 2021 09:33 AM
- Posted Re: Is wise script part of admin studio? on AdminStudio Forum. Mar 16, 2021 09:22 AM
- Posted Re: New and Improved Threat Scores in SVM and SVR on Software Vulnerability Management Blog. Mar 12, 2021 07:42 AM
- Posted Re: New and Improved Threat Scores in SVM and SVR on Software Vulnerability Management Blog. Mar 11, 2021 08:24 AM
- Posted Re: New and Improved Threat Scores in SVM and SVR on Software Vulnerability Management Blog. Mar 10, 2021 03:20 PM
- Got a Kudo for New and Improved Threat Scores in SVM and SVR. Mar 08, 2021 02:30 PM
- Posted New and Improved Threat Scores in SVM and SVR on Software Vulnerability Management Blog. Mar 08, 2021 01:42 PM
- Posted Re: Cognos license on AdminStudio Forum. Mar 02, 2021 10:49 AM
- Posted SVM Disaster Recovery Testing on Software Vulnerability Management Blog. Feb 19, 2021 11:32 AM
- Posted SVM Feb 2021 Update on Software Vulnerability Management Release Blog. Feb 17, 2021 01:41 PM
- Got a Kudo for Re: Can we use SVM for patching Dell Drivers?. Feb 16, 2021 09:18 AM
- Posted Re: Can we use SVM for patching Dell Drivers? on Software Vulnerability Management Forum. Feb 16, 2021 08:48 AM
- Got a Kudo for Package Testing Webinar (Feb 2021). Feb 11, 2021 04:19 PM
- Posted Package Testing Webinar (Feb 2021) on AdminStudio Blog. Feb 11, 2021 03:02 PM
- Posted Re: how does flexera helps in knowing application level inventory ?. on AdminStudio Forum. Feb 01, 2021 07:40 AM
- Posted SVM Support for Intune on Software Vulnerability Management Blog. Jan 29, 2021 02:00 PM