VIPRE's Patch Management engine allows VIPRE to support automatic updates to more products and improve the frequency of monitoring for recent software releases.
There are two ways to manage the new Vulnerability and Patch Management options within VIPRE Endpoint Security Cloud. This article will discuss Applications. Refer to Related Articles for details on Vulnerabilities.
Applications
Applications, in this case, refer to a list of the currently installed software applications on devices in your site or organization that are not up-to-date. This list shows you not only the name of the application but the version currently installed, the most recent version available, and how many devices in your organization need the update, among other bits of helpful information.
- On the left-side panel, under Manage, select Applications
At the top of the Applications screen, you can:
- Filter the list by Vendor, Application, and/or Version
- Type search parameters in the Search box on the right
- Bulk update applications to the latest version by selecting the checkboxes next to the application names and clicking the Update to Latest button in the top-right part of the screen
A - Application
Clicking on the name of the application will bring you to a screen providing more details, including the hostname of the affected devices, the user on that device using that application, the currently installed version, the policy the device is assigned to, the type of device, and the operating system in use on the device.
- Clicking on the Hostname link will bring you to the device details screen
- For more details on this screen, refer to Related Articles for an introduction to devices and agents
- Clicking on the Version link will bring you to a version details screen
- Refer to B - Installed Version below
B - Installed Version
The currently installed version of the affected application; clicking on the version will bring you to a version details page.
The version details page has two views: Devices and Vulnerabilities
Devices will show the currently installed application version, how many devices have that version installed, the name of the devices, the users on those devices, the policy that device is assigned to, the type of workstation the device is, and the operating system running on that device.
Vulnerabilities will show the number of vulnerabilities associated with that software version, the CVE identifier, the CVSS Score, the date the security flaw was published, how many devices are affected, and the ability to update individual CVD IDs.
Update to the Latest Version
You can update to the latest version of the application from this screen in one of the following ways:
- From the Devices view, select the checkbox of the devices you'd like to update
- Click Update Selected above the table on the right side of the screen
or
- From the Vulnerabilities view, select Update in the Remediation column
or
- Click the Update to Latest on all Devices button in the top right corner of the screen
C - Latest Available
Latest Available refers to the most recently available version of the application in question.
Between the Installed Version and Latest Version columns, you'll see one of two icons (as pictured in the screenshot above).
- Double green checkmarks mean the latest version is installed
- A blue right arrow means the application still requires an update
Clicking on the Latest Available version link willl bring you to a version details screen, similar to those you've seen before in this documentation.
D - Devices
Clicking on the number of devices will bring you to the Devices view of the Version details screen.
Devices will show the currently installed application version, how many devices have that version installed, the name of the devices, the users on those devices, the policy that device is assigned to, the type of workstation the device is, and the operating system running on that device.
E - Vulnerabilities
The Vulnerabilities column shows you the total number of security flaws, including a breakdown based on severity.
- Clicking on the total number will bring you to the Vulnerabilities view of the Version details screen, showing you all CVE IDs associated with that particular version and the option to update the application
- On the graphs, hovering your mouse over each bar will break down the number of vulnerabilities by CVSS Score.
- For example: In the screenshot below, the first row shows a total of 755 vulnerabilities; hovering your mouse over the red bar shows that out of those 755 security flaws, 27 are categorized as Critical
F - Fixed by Latest
Fixed by Latest shows you how many vulnerabilities are fixed by updating to the most recent version of the application.
In the two examples in the screenshot above, you can see the first application's latest version fixes none of the 10 known vulnerabilities. The second application, however, fixes all 4 of the known vulnerabilities with the latest version.
G - Action
Action allows you to take action towards resolving the security flaw
- Update - Clicking Update will automatically update the application to the latest version
- Instructions - Clicking Instructions will bring you to the software developer's website with instructions on how to manually update the application
- Up-to-date - Up-to-date means there is no action to be taken as the application has already been updated to the latest version
The following video shows a brief tour of the Applications screen within Endpoint Security Cloud.