by Carole Fennelly
August 23, 2023
Microsoft Patch Tuesday is a monthly challenge for operations teams that run Microsoft products, especially if critical or zero-day vulnerabilities are announced. Operations teams are often left scrambling to get patches deployed in the face of users who do not want their daily work interrupted by deployment activities, such as a reboot. This dashboard provides a comprehensive view of the organization’s Microsoft Patch Tuesday status over time, to help organizations identify the most difficult issues to remediate.
Systems that fall behind on patching efforts may have stability issues, security holes, or have outdated features. Operations teams must be able to quickly detect these vulnerable devices, and be alerted when patching efforts fall behind organizational requirements to prioritize remediation. The Patch Tuesday bulletins cover a wide range of Microsoft operating systems and applications with varying levels of severity. Tenable recommends verifying that scans have been performed using privileged credentials to ensure the most accurate results.
Displayed is an overall perspective of the most prevalent missing Patch Tuesday updates to date, sorted by operating system and application. Data can be viewed by the plugin that has detected the highest count of missing Patch Tuesday updates along with the assets that are affected the most with a breakdown of a percentage of all levels of severity for the assets.
A more granular breakdown of all missing Patch Tuesday updates by month and year enables organizations to view information on the effectiveness of the organization’s vulnerability remediation program. Also displayed are total counts for Patch Tuesday updates that were missing, but have now been fixed. This information helps security managers identify gaps in patching and determine if there is a pattern on assets that were left unpatched. Analyzing the data provides insight into adjustments that are needed to make remediation plans more effective.
Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Vulnerability Management discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture. The requirement for this dashboard is: Tenable Web App Scanning.
Widgets
The Most Missing Pre-2023 Tuesday Patches: This widget displays the most prevalent missing Microsoft Patch Tuesday updates from years prior to 2023. The data is filtered by operating system and application and is sorted by count. The requirements for this widget are: Tenable Vulnerability Management (Nessus, NNM).
Hosts Missing the Most Pre-2023 Tuesday Updates: This widget displays hosts that are currently missing the most Microsoft Patch Tuesday updates from years prior to 2023. The data is filtered by operating system and application and is sorted by count. The requirements for this widget are: Tenable Vulnerability Management (Nessus, NNM).
Patch Tuesday Updates from 2022 Still Missing: This widget displays the most prevalent missing Microsoft Patch Tuesday updates from the year 2022. The data is filtered by operating system and application and is sorted by count. The requirements for this widget are: Tenable Vulnerability Management (Nessus, NNM).
Outstanding Microsoft Remediations – Time since Patch Publication: This widget displays the total count of missing patches related to Microsoft Security Bulletins using the Windows: Microsoft Bulletins and Windows plugin families. The matrix is comprised of five columns. The first column provides a count of the vulnerabilities that are exploitable, and the last four columns provide counts of vulnerabilities based on severity levels. Each row filters the vulnerabilities based on the patch publication date of less than 30 days ago, 31-90 days, 91-180 days, and greater than 181 days. The requirements for this widget are: Tenable Vulnerability Management (Nessus, NNM).
Microsoft Patches Reported as Being Fixed: This widget displays the plugins using the Windows: Microsoft Bulletins and Windows plugin families along with a Fixed filter to detect assets that are fixed in the environment. Drilling into the plugin name displays the assets for which the plugin detected the patches in the bulletin to have been fixed. The requirements for this widget are: Tenable Vulnerability Management (Nessus, NNM).
Patch Tuesday Updates from 2023 Still Missing: This widget displays the most prevalent missing Microsoft Patch Tuesday updates for each month from the year 2023. The data is filtered by operating system and application and is sorted by count. The requirements for this widget are: Tenable Vulnerability Management (Nessus, NNM).
Patch Tuesday Updates from 2024 Still Missing: This widget displays the most prevalent missing Microsoft Patch Tuesday updates for each month from the year 2024. The data is filtered by operating system and application and is sorted by count. The requirements for this widget are: Tenable Vulnerability Management (Nessus, NNM).
Patch Tuesday Updates from 2025 Still Missing: This widget displays the most prevalent missing Microsoft Patch Tuesday updates for each month from the year 2025. The data is filtered by operating system and application and is sorted by count. The requirements for this widget are: Tenable Vulnerability Management (Nessus, NNM).