With AdminStudio 2021 just around the corner, I wanted to share what we've done to increase the value of the Package Feed Module. In the video below I talk about the improvements which include third party custom installation wizards for Windows Installer packages, validated silent uninstall command line details and icon images, as well as a demonstration. Let us know what you think! ... View more

Exciting new improvements arrive soon to provide even more valuable Threat Scores so you can more accurately focus on those vulnerabilities more likely to be exploited. Specifically, we are planning to publish this update on Thursday, March 11 th . Threat Scores in SVM help you to focus on the patches that will have the biggest impact on lowering your organizations risk in a more impactful way that by criticality alone. When you consider that less than 8% of disclosed vulnerabilities actually see an exploit in the wild, the value of an accurate Threat Score is clear. Further, if you were to focus on CVSS criticality values alone and prioritize those with a score higher than 7, you would miss as much as half the vulnerabilities that are exploited! SVM provides incredible insights when positioning this valuable data alongside our vulnerability intelligence as well as how frequently (and where) such vulnerabilities exist in your environment. All this to help you do the very important job of prioritizing what patches you will address. SVM now provides the largest patch catalog on the market, so patching everything for you have a patch would be a massive undertaking considering new patches are released regularly. If you are like most enterprises and can only deploy about 1 in 10 patches, so choosing the right 10% is key to ensuring you focus on those most impactful. This is why we are very excited to be making some significant improvements to this already valuable capability so many of our customers depend upon. New rules There are several new rules that may be triggered to increase the value of a Threat Score. The weighting of each is dependent upon if the rule was triggered recently or historically but include the following new additions: Evidence an exploit is known to exist in the wild If a proof of concept is confirmed to exist on how to remotely exploit the vulnerability If a proof of concept is believed to exist on how to remotely exploit the vulnerability If tools to exploit the vulnerability are known to have been developed The existence of verified intelligence Changes to weighting As we added more rules that may be triggered, the severity (and value) of many of the existing rules has been carefully adjusted to ensure a valuable score. To review the rules, their impact to the threat score and to review how they are calculated please see our updated product documentation on Threat Scores. When updated, the details on the rules, their affect and examples of how scores are calculated may be found here in our product documentation. The result The updates described will naturally result in changes to existing Threat Scores; some will increase, and others will decrease (and others may remain unchanged). If you have notifications based on Threat Scores, take special note that you may see a fluctuation upon the initial change scheduled for March 11 th , 2021. Threat Score vs CVSS Score I wanted to toss in a reminder Threat Score is quite independent of criticality. Something can have a very low criticality or a very high criticality and that is a measure of how bad it could be if it were exploited. The Threat Score is distinct from this with a focus on likelihood of exploitability. This means there can be a zero-day vulnerability (a vulnerability disclosed prior to the release of a patch) that has a very low Threat Score when we find no evidence anyone is working to exploit it.   Note: this score is dynamic, and changes based upon findings. We are also updating the frequency with which we update the Threat Score from once to twice per day as part of this enhancement. ... View more

Flexera conducts periodic failover tests of the Software Vulnerability Manager (SVM) service. We will be performing failover tests on Saturday, February 27th from 4 AM – 8 AM PST. The Software Vulnerability Manager service may have brief service outage during the following window as the service fails over to a different zone: PST - Saturday, February 27th 4 AM – 8 AM UTC- Saturday, February 27th 12 PM – 4 PM AEDT - Saturday, February 27th 11 PM – Sunday, February 28th 3 AM Our SRE Team has a detailed plan to test our automated failover capabilities. If you notice any issues during the failover period or after the activity, please let us know immediately through your normal channels of communication with Flexera. As always, we welcome your feedback. If you have any questions or concerns about the above information, please let your Customer Success Manager, Project Manager, or our Support team know.     For the latest and similar announcements, please visit https://status.flexera.com  ... View more

Single Sign-On Enhancement Based on customer feedback, Software Vulnerability Manager Cloud Edition now supports the initiation of Single Sign-On via an Identify Provider for authentication. You can click on choose single sign-on on the SVM login page and then provide your official email address to be automatically redirected to the configured Identity Provider in order to initiate the login process. For more details, see Logging on to Software Vulnerability Manager Cloud Edition Using Single Sign-On. Microsoft Intune Integration Enhancements SVM can now wrap multiple paths in support of detection rules for a package by building such into a single PowerShell Script as a custom detection script. There were some cases where a return code was not correctly sent back to Intune after installation on endpoints which resulted in an incorrect deployment status in the Intune console. This issue has now been addressed and a return code for all packages is now sent back to Intune for accurate tracking of package deployment status. We recommend updating to the latest version of the Software Vulnerability Manager Client Toolkit (v4.0.342) for improved Intune support. Patch Daemon Enhancement If you were to generate a new token upon expiration, the Patch Daemon needed to be restarted in order for a successful connection. It can now handle new tokens without need for a restart.   Click here for full release note ... View more

As part of our Packaging Experts Roundtable series, we discussed Package Testing as our primary topic of February 2021.  We discuss, "Types of testing" (Requirements Analysis, Deployment/Launch Validation, Pilot/Functional Testing). We discuss, "When to Test" (Identifying targets; identifying potential problems, validating at the command line, ensuring  deployment is as expected, that the  application functions as expected and the importance of learning  from application specific lessons).  We discuss, "Who Should Test" (Packaging engineer themselves, Peer reviews, End users) And finally, some ways AdminStudio can play a role in helping, including tests for: Windows Compatibility Conflicts with other packages Conflicts with build images Best practices Virtualization / MSIX suitability Java dependences   Check it out: ... View more

We are happy to have introduced the long-awaited capability of supporting the publishing of patches via Intune. We were repeatedly delayed as the necessary APIs remained in beta with Microsoft longer than anticipated. But they were finally released for general availability and we’ve leveraged them to provide our initial integration. In the spirit of agile, we were anxious to get the capability in your hands for real-world use outside our labs to accept your feedback. Below is a list of known issues and upcoming enhancements as of March 19 th , 2021. Fixes for the bulk of the known issues below are being worked on now, with many scheduled to be addressed in our February update.  Known Issues If multiple paths are passed as detection rules, it will fail, if not all paths are available in the system. (Q1) Workaround: Pass path that is relevant to the deployment machine. You can choose specific paths from Step 3 of the patch wizard. For sps.exe, uninstall string may not be properly set right now, but such does not impact the installation of package. (Q1) Today the install and uninstall string for SPS packages is set to the same value in Intune when a publish is made. A dummy uninstall string will be set in Intune for SPS packages. This does not impact the installation. For some patches, a simple return code may not good enough to confirm a successful installation. It is possible a device may have got new software, but Intune interface could show a return code that suggests failure. (H1) Planned Enhancements The ability to pass deployment assignments from SVM (H1) Certificate support for authentication (H1) The ability to manage multiple detection rules and requirements  (H1) Ability to publish to multiple distribution system via single patch daemon (H2) Automated Timestamp signing (H2) The ability to leverage Intune for deployment of the SVM scan agent (Q1) Is there more you'd like to see? Please leverage our Ideas portal to share and vote on the ideas of others! ... View more