After security protection is enabled, the system scans your cloud desktops for system vulnerabilities on a daily basis. Detected system vulnerabilities can be fixed with a few clicks. This topic describes how to fix system vulnerabilities.

Background information

Vulnerabilities are flaws in operating system implementation or security policies. Attackers can exploit vulnerabilities to access the data on your servers or undermine the security of your servers. We recommend that you fix detected vulnerabilities in a timely manner to protect your cloud desktops.

Statistics on detected vulnerabilities are collected by severity and status of handling. You can filter vulnerabilities by severity and fix the high-risk ones with priority. If you use the vulnerability fixing feature in the Elastic Desktop Service (EDS) console, the system downloads the patch package for fixing vulnerabilities to a dedicated directory. The system deletes the package three days after the vulnerabilities are fixed.

Procedure

  1. Log on to the EDS console.
  2. In the top navigation bar, select a region.
  3. In the left-side navigation pane, choose Security Center > Vulnerability Fix.
  4. On the Vulnerability Fix page, click the Windows system vulnerability or the Linux software vulnerabilities tab.
  5. Filter vulnerabilities by selecting required options from the Emergency level, Has it been processed, and Workspace drop-down lists.
  6. Find the vulnerability that you want to fix and click Repair in the Actions column.
  7. In the vulnerability details panel, view the affected cloud desktop and fix the vulnerability.
    VulnerabilitiesYou can perform the following operations:
    • Fix the vulnerability
      Click Repair. In the Repair dialog box, you can choose whether to select Automatically create snapshots and repair based on your needs, as shown in the following figure. Repair
    • Verify the vulnerability

      You can click Verification to verify whether the vulnerability is fixed. Perform this operation after the vulnerability is fixed and the cloud desktop is restarted.

    • Ignore the vulnerability

      You can click Ignore to ignore the vulnerability. After you ignore the vulnerability, the system generates no more alerts for the vulnerability for the affected cloud desktop.

    • View details

      You can click Details to view more details about the vulnerability.

    Note You can fix, verify, or ignore multiple vulnerabilities at a time. To do this, select multiple vulnerabilities and click the corresponding button in the lower part of the page.