Security Center can detect and fix Windows system vulnerabilities. This topic describes how to view and handle Windows system vulnerabilities.

Background information

Security Center synchronizes security updates from the official Microsoft website in real time. This allows Security Center to effectively detect high-risk vulnerabilities and alert you to potential threats. This also prevents attackers from exploiting Windows system vulnerabilities that compromise the security of your server.

Note The Basic and Basic Anti-Virus editions of Security Center only detect vulnerabilities. To use the vulnerability fix feature, you must upgrade Security Center to the Advanced or Enterprise edition. For more information about the features supported by each edition of Security Center, see Features.

View the details of vulnerabilities

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Vulnerabilities.
  3. On the Vulnerabilities page, click the Windows System tab.
  4. On the Windows System tab, view and handle all Windows system vulnerabilities that are detected by Security Center.
    You can perform the following operations on the tab:
    • View vulnerability detailsView vulnerability details
    • View vulnerability priorities
      The priorities of vulnerabilities are displayed in different colors in the Affected Assets column. The number in each row of this column indicates the total number of the assets affected by a vulnerability. The following section describes the relationship between colors and a priorities:
      • Red: High
      • Orange: Medium
      • Gray: Low
      View vulnerability priorities
      Note We recommend that you immediately fix vulnerabilities that have High priority.
    • Add vulnerabilities to the whitelist

      On the Windows System tab, select vulnerabilities and click Add to Whitelist to add them to the whitelist. Security Center no longer generates alerts for vulnerabilities that are added to the whitelist.

      Add vulnerabilities to the whitelist

      After you add vulnerabilities to the whitelist, these vulnerabilities are removed from the vulnerability list of the Windows System tab. Then, you can click Settings in the upper-right corner to view these vulnerabilities in the Vul Whitelist list.

      If you want Security Center to detect and generate alerts on a vulnerability that is added to the whitelist, select the vulnerability in the Vul Whitelist column in the Settings panel and click Remove.

      Vul Whitelist
    • Filter vulnerabilities

      On the Windows System tab, filter vulnerabilities based on the following criteria: priority (high, medium, or low), vulnerability status (handled or unhandled), asset group, VPC name, and vulnerability name.

      Filter vulnerabilities
      Note Fuzzy match is supported for vulnerability search by name.
    • Export vulnerabilities

      On the Windows System tab, click the Export icon to export and save all detected Windows system vulnerabilities to your machine. The vulnerabilities are exported to Excel files.

      Note It may take a long time to export the vulnerabilities based on the size of vulnerability data.

View vulnerability details and manage vulnerabilities

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Vulnerabilities.
  3. On the Vulnerabilities page, click the Windows System tab.
  4. On the Windows System tab, click the name of a vulnerability in the Vulnerability column to go to the Detail tab. Alternatively, click Fix in the Actions column of a vulnerability in the Vulnerability column.
    You can view the details of vulnerabilities on the Detail tab. You can also view the number of unhandled vulnerabilities and affected assets on the Pending vulnerability tab.Detail tab
  5. On the Detail tab, view and manage vulnerabilities.
    You can perform the following operations:
    • View vulnerability details

      The Detail tab displays all the affected assets and vulnerabilities that are associated with the vulnerability. You can analyze and manage multiple vulnerabilities at a time.

      • On the Detail tab, you can view the information about all associated vulnerabilities.
      • Click the Pending vulnerability tab to go to the Affected Assets column on the Detail tab.

        In the Affected Assets column, view the affected assets and the status of the vulnerability. You can also verify, fix, ignore, or add the vulnerability to the whitelist.

      Unhandled vulnerabilities
    • View vulnerability priorities
      For more information about the priorities of Windows system vulnerabilities, visit the Microsoft official website. Vulnerability priorities are marked in different colors:
      • Red: High priority. The equivalent severity at the Microsoft official website is Critical or Important.
      • Orange: Medium priority. The equivalent severity at the Microsoft official website is Moderate.
      • Gray: Low priority. The equivalent severity at the Microsoft official website is Low.
      Note We recommend that you immediately fix vulnerabilities that have High priority.
    • View vulnerability status
      • Handled
        • Handled: The vulnerability is fixed.
        • Ignored: The vulnerability is ignored. Security Center no longer generates alerts when this vulnerability is detected.
      • Unhandled
        • Unfixed: The vulnerability is to be fixed.
        • Fixing: The vulnerability is being fixed.
        • Fix Failed: Security Center failed to fix the vulnerability. The file that contains vulnerabilities data may have been modified or does not exist.
        • Verifying: After the verification is performed, the vulnerability status changes to Verifying.
    • Manage affected assets

      In the Actions column, you can fix, verify, ignore, or add the vulnerability to the whitelist.

      Fix vulnerabilities

      You can perform the following operations based on your needs:

      • Fix vulnerabilities
        Fix vulnerabilities based on the following scenarios:
        • The Fix button is available

          Select one or more associated vulnerabilities and click Fix. Security Center automatically creates snapshots and fixes vulnerabilities. You can select Create snapshots automatically and fix or Skip snapshot backup and fix directly as needed.

          Note
          • The system may fail to fix a vulnerability. We recommend that you select Create snapshots automatically and fix to create a snapshot of the system before you click Fix Now. For more information about snapshots, see Overview.
          • You are billed based on the billing methods of the snapshot service.For example, if the size of the system disk is 40 GB, the fees for snapshot storage are USD 0.005 per day. For more information, see Snapshot.
          Fix Windows system vulnerabilities
        • The Fix button is unavailable
          If the disk space of a server is insufficient or the Windows Update service is running, the vulnerabilities fail to be fixed and the Fix button is dimmed. To fix the vulnerabilities, you must address the preceding issues on the server. To view the server issues and solutions provided by Security Center, move the pointer over the Fix button. You must manually address the following issues:
          • The Windows Update service is running.

            Solution: Wait for a few minutes and try to fix the vulnerabilities again. Alternatively, terminate the Wusa process on the server and try to fix the vulnerabilities in the Security Center console.

          • The Windows Update service is disabled.

            Solution: Start the Task Manager of the server and enable the Windows Update service. Then, try to fix the vulnerabilities again in the Security Center console.

          • The server disk space is less than 500 MB.

            Solution: Extend or clear the disk. Then, try to fix the vulnerabilities again in the Security Center console.

      • Verify a vulnerability fix

        Select a vulnerability or multiple associated vulnerabilities and click Verify to check whether the vulnerability is fixed.

        After you click Verify, the Status of the vulnerability changes to Verifying. It takes several seconds to verify the fix.

      • Add vulnerabilities to the whitelist

        In the upper-right corner of the Detail tab, click Add to Whitelist to add a vulnerability to the whitelist. After you add the vulnerability to the whitelist, Security Center no longer generates alerts when this vulnerability is detected.

        After you add vulnerabilities to the whitelist, these vulnerabilities are removed from the vulnerability list of the Windows System tab. Then, you can click Settings in the upper-right corner to view these vulnerabilities in the Vul Whitelist list.

        If you want Security Center to detect and generate alerts on a vulnerability that is added to the whitelist, select the vulnerability in the Vul Whitelist column in the Settings panel and click Remove.

      • Ignore a vulnerability

        On the Detail tab, find the vulnerability you want to ignore, click the Ignore a vulnerability or undo a vulnerability fix icon in the Actions column, and then select Ignore. After a vulnerability is ignored, Security Center no longer generates alerts when this vulnerability is detected.

        Note The status of this vulnerability changes to Ignored. If you want Security Center to generate alerts on an ignored vulnerability, click the vulnerability in the Handled vulnerability list and click Unignore on the Detail tab.
    • Search for affected assets

      On the Pending vulnerability tab, you can filter affected assets by vulnerability priority (high, medium, or low), asset group, vulnerability status (handled or unhandled), server IP address, VPC name, or server name.

      Search
      Note Fuzzy match is supported to search for vulnerabilities by server IP address or name.
    • Export affected assets
      In the upper-left corner of the Pending vulnerability tab, click the Export icon icon to export and save all affected assets to your computer. The assets are exported to an Excel file.
      Note It may take a long time to export the assets based on the size of asset data.
    • Save filtered vulnerabilities

      In the upper-left corner of the Pending vulnerability tab, click the Save icon icon to save the filtered vulnerabilities as a group. This way, you can keep monitoring the vulnerability status of this group.

      Save filtered vulnerabilities

References

The "0x80240017 104 (Patch Not Applicable)" error is returned when you fix Windows vulnerabilities