Hi all, following the recent announcement regarding CVE-2020-0601, one of our clients has requested a report on all our systems identifying which devices are vulnerable. Is it possible to generate such a report from Automox yet? That would be awesome!
Hi @sparrowhawk, thank you for the feedback. We’ve identified and resolved that issue. Would you mind searching that CVE again for your clients and confirming with us that it’s working as intended now?
Hi Greg, forgive my ignorance, but where do I search?
No worries. The Software page is the place to search for CVE-2020-0601 and you can also search by the KB.
Ah, I thought so. That doesn’t give me what I was after unfortunately. That shows the number of devices waiting to be patched or that have been patched. What it doesn’t show is the device names. It would be great if that could be included as a feature. It would make reporting to non-technical users much simpler. Thanks
Apologies, I didn’t re-read your initial post. The Software page is the starting point, if you click on the number of Patch Available or Patch Installed, it will take you to the Devices page with the appropriate filters for that CVE. That is not entirely clear in the UI today and we are planning to work on that in the future.
That’s good to know it’s on the roadmap. It would save me lots of time and enable me to react quickly to client requests for assurances that we are protected. Thanks Greg!
Just to make the process clear for anyone who is reading, here’s how you get to all the devices:
Go to the Software page and enter CVE-2020-0601 in the search bar:
There’s a separate entry for each affected version of Windows, which is why you see multiple lines. Any entry that has the red Patch Available button, click on it.
That takes you to the devices page with the filters for Not Installed and the entry for that version of Windows:
Select all the devices and click Export to download a csv file.
Go back to the Software page and repeat the process for each entry that shows up when you search for CVE-2020-0601. You can then combine the csv files into one document for reporting purposes. Apologies that the process is manual and repetitive right now until we improve the UI to allow you to select multiple lines from the Software page to report on.
Keep in mind if you install from the software page it will not reboot the systems and this update won’t complete the patching process until the reboot takes place. After installing, if you go to the devices page and filter by “Needs attention” you will see what systems are waiting for reboot.