Security Center can detect and fix Windows system vulnerabilities. This topic describes how to view and handle Windows system vulnerabilities.

Background information

Security Center synchronizes security updates from the official Microsoft website in real time. This allows Security Center to effectively detect high-risk vulnerabilities and alert you to potential threats. This also prevents attackers from exploiting Windows system vulnerabilities that compromise the security of your server.

Note The Basic and Basic Anti-virus editions of Security Center can only detect vulnerabilities. To enable the vulnerability fix feature, upgrade Security Center to the Advanced or Enterprise edition. For more information about features supported by each edition of Security Center, see Features.

View vulnerability details

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Vulnerabilities.
  3. On the Vulnerabilities page, click the Windows System tab.
  4. On the Windows System tab, view and handle all Windows system vulnerabilities that are detected by Security Center.
    You can perform the following operations on the tab:
    • View vulnerability detailsView vulnerability details
    • View vulnerability priorities
      The Affected Assets column displays the priority level of each vulnerability and the number of assets that are affected by each vulnerability. Security Center uses different colors to indicate different priority levels.
      • Red: the High priority.
      • Orange: the Medium priority.
      • Gray: the Low priority.
      View vulnerability priorities
      Note We recommend that you immediately fix vulnerabilities whose priority is High .
    • Add vulnerabilities to the whitelist

      On the Windows System tab, select vulnerabilities and click Add to Whitelist to add them to the whitelist. Security Center no longer generates alerts for vulnerabilities that are added to the whitelist.

      Add vulnerabilities to the whitelist

      After you add vulnerabilities to the whitelist, these vulnerabilities are removed from the vulnerability list of the Windows System tab. Then, you can click Settings in the upper-right corner to view these vulnerabilities in the Vul Whitelist list.

      If you want Security Center to detect and generate alerts on a vulnerability that is added to the whitelist, select the vulnerability on the Settings page and click Remove to remove the vulnerability from the whitelist.

      Settings page
    • Filter vulnerabilities

      On the Windows System tab, filter vulnerabilities based on the following criteria: priority (high, medium, or low), vulnerability status (handled or unhandled), asset group, VPC name, and vulnerability name.

      Filter vulnerabilities
      Note You can specify a keyword to search for vulnerabilities whose names contain the keyword.
    • Export vulnerabilities

      On the Windows System tab, click the Export icon icon to export and save all of the detected Windows system vulnerabilities to your machine. Vulnerabilities are exported to Excel files.

      Note The export of vulnerability data takes some time. The time varies based on the amount of data to be exported.

View vulnerability details and manage vulnerabilities

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Vulnerabilities.
  3. On the Vulnerabilities page, click the Windows System tab.
  4. On the Windows System tab, click the name of a vulnerability in the Vulnerability column to go to the Detail tab. Alternatively, click Fix in the Actions column of a vulnerability in the Vulnerability column.
    You can view vulnerability details on the Detail tab. You can also view the number of unhandled vulnerabilities and affected assets on the Pending vulnerability tab.Detail tab
  5. On the Detail tab, you can view and manage vulnerabilities.
    You can perform the following operations:
    • View vulnerability details

      The Detail tab displays all the affected assets and vulnerabilities that are associated with the vulnerability. You can analyze and manage multiple vulnerabilities at a time.

      • On the Detail tab, you can view brief information about all associated vulnerabilities.
      • Click the Pending vulnerability tab to go to the Affected Assets column on the Detail tab.

        In the Affected Assets column, view the affected assets and the status of the vulnerability. You can also verify, fix, ignore, or add the vulnerability to the whitelist.

      Unhandled vulnerabilities
    • View vulnerability priorities
      For more information about the priorities of Windows system vulnerabilities, visit the Microsoft official website. Vulnerability priorities are displayed in different colors:
      • Red: High priority. The equivalent severity at the Microsoft official website is Critical or Important.
      • Orange: Medium priority. The equivalent severity at the Microsoft official website is Moderate.
      • Gray: Low priority. The equivalent severity at the Microsoft official website is Low.
      Note We recommend that you immediately fix vulnerabilities whose priority is High.
    • View vulnerability status
      • Handled
        • Fixed: The vulnerability is fixed.
        • Ignored: The vulnerability is ignored. Security Center no longer generates alerts on this vulnerability.
      • Unhandled
        • Unfixed: The vulnerability is not fixed.
        • Fixing: The vulnerability is being fixed.
        • Fix Failed: Security Center failed to fix the vulnerability. The file that contains the vulnerability has been modified or does not exist.
        • Verifying: After the verification is performed, the vulnerability status changes to Verifying.
    • Manage affected assets

      In the Actions column, you can fix, verify, ignore, or add the vulnerability to the whitelist.

      Manage vulnerabilities

      You can perform the following operations based on your needs:

      • Fix vulnerabilities

        Select one or more related vulnerabilities and click Fix. Security Center can automatically create snapshots and fix vulnerabilities. Select Create snapshots automatically and fix or Skip snapshot backup and fix directly based on your needs.

        Note
        • The system may fail to fix a vulnerability. We recommend that you select Create snapshots automatically and fix to create a snapshot of the system. For more information about snapshots, see Overview.
        • Snapshots incur fees. Fees are calculated based on the snapshot service. For example, if the size of a system disk is 40 GB, the fees are USD 0.005 per day. For more information, see Snapshot billing.
        Fix Windows system vulnerabilities
      • Verify vulnerabilities

        You can select one or more vulnerabilities and click Verify to check whether the vulnerabilities are fixed.

        After you click Verify, the status of the vulnerability changes to Verifying. Vulnerability verification takes several seconds.

      • Add vulnerabilities to the whitelist

        In the upper-right corner of the details page of a vulnerability, select one or more vulnerabilities and click Add to Whitelist. After you add the vulnerabilities to the whitelist, Security Center no longer generates alerts on these vulnerabilities.

        After you add vulnerabilities to the whitelist, these vulnerabilities are removed from the vulnerability list of the Windows System tab. Then, you can click Settings in the upper-right corner to view these vulnerabilities in the Vul Whitelist list.

        If you want Security Center to detect and generate alerts on a vulnerability that is added to the whitelist, select the vulnerability on the Settings page and click Remove to remove the vulnerability from the whitelist.

      • Ignore vulnerabilities

        Select a vulnerability that you want to ignore, click Ignore a vulnerability or roll back a vulnerability fix in the Actions column, and then select Ignore. After this operation is complete, Security Center no longer generates alerts on the vulnerability.

        Note After you ignore a vulnerability, the status of the vulnerability changes to Ignored. If you want Security Center to generate alerts on an ignored vulnerability, select the vulnerability in the Handled vulnerability list and click Cancel ignore.
    • Search for affected assets

      On the Pending vulnerability tab, you can filter affected assets by vulnerability priority, asset group, vulnerability status, server IP address, VPC name, or server name. The vulnerability priorities include High, Medium, and Low. The vulnerability status includes Handled and Unhandled.

      Search
      Note Fuzzy match for server IP addresses and names is supported.
    • Export affected assets
      In the upper-left corner of the Pending vulnerability tab, click The Export icon to export affected asset records to your on-premises machine. The exported file is in the Excel format.
      Note The export of asset records takes some time. The time varies based on the amount of asset data to be exported.
    • Save filtered vulnerabilities

      In the upper-left corner of the Pending vulnerability tab, click The Save icon to save the filtered vulnerabilities as a group. This helps you track the status of multiple vulnerabilities at a time.

      Save filtered vulnerabilities

References

The "0x80240017 104 (Patch Not Applicable)" error is returned when you fix Windows vulnerabilities