I'd like to know how I can export/view information about Windows endpoints that do not apply with specific KB by specific ENDPOINT GROUPS. I can only filter by CVES or ENDPOINTS from the Vulnerability Assessment but not with KBs.
My second question is there a way to query if, for example, a Windows endpoint is not applied with the latest cumulative KB/older KBs?
Hi @haimmiller ,
Thank you for writing to Live Community!
Cortex XDR vulnerability assessment shows you the list of KBs installed on the endpoints. However, it does not show the comparative analysis or assessment for latest KBs as KBs are provided by the vendors and we do not fetch the latest serials into XDR. However, you can list the KBs in couple of ways as listed below:
wmic qfe get HotFixID | find "3004365"
You can add filters of your choice under this to query the data for specific hostnames and also create a visual graph for the list of KBs as per your choice. (Example screenshot below)
Hope this helps!
Please mark the response as "Accept as Solution" if it was able to resolve your query.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!