0
I have a set of KBs that are installed on a given Windows box. Generally, I would like to know if those KBs are sufficient to mitigate any known CVEs. I realize that Microsoft used to maintain a mapping of KBs to CVEs that I could use as a lookup source, but this changed back in March of 2017. Regardless, I want to make sure that I also understand how a newer KB might supersede an older one.
So, in summary, my question is: going forward (post March 2017), how does one know if there are KBs relevant to CVEs that still need to be installed?
As an example, suppose that my Windows box has KB1 and KB2 installed, but not KB3 and KB4 (both of which are associated with CVEs). Clearly, I might want both, but if there's a KB5 (or other "rollup" that bundles these things), I might want that instead. I'm just looking for the best way to understand what my mitigation options are given the Microsoft ecosystem.
My main interest relates to Windows 10 and go-forward, but we do have some older Windows 7 and Windows 8 boxes (though I know they are ending or have ended mainstream support).
Thanks in advance
CharlieBucket
Posted 2017-08-22T23:14:01.263
Reputation: 1
Which version of Windows? Windows cumulative security updates are called something else on Windows 7 and Windows 10 – Ramhound – 2017-08-22T23:24:10.083
Sorry, Windows 10 is my main concern, although we still have Windows 8 and Windows 7 boxes (yet I know they are not supported or ending mainstream support soon) – CharlieBucket – 2017-08-24T12:26:02.850
Alright so are you talking about the quality cumulative updates which include security updates plus quality of life updates or just the monthly cumulative updates? Why are we only talking about post March 2017? – Ramhound – 2017-08-24T12:36:21.240