M365 Defender for Business security recommendations


For some time now, I have been using M365 Defender for Business in my small tenant without Intune management. This allows small networks to be monitored very well via the cloud. At regular intervals, I also look at the “Security recommendations”. During this routine check, however, I was somewhat shocked. There were no alerts, which I would have noticed immediately, but the exposure level was High!

So I took a look at the affected software and quickly found the “culprit”. Importantly, this is not about software bashing or finger-pointing; it is about showing how simple it is to find vulnerabilities. The details of the recommendation showed the following:

It was immediately clear that a “new” piece of software must have been added, and sure enough, I had experimented with PGP encryption and downloaded a nice tool for it.
Within Defender, CVEs can be listed, and you can immediately see their age.

Additionally, the paths of individual files with CVEs can be evaluated, which can play a central role in remediation. If there are several entries, they can be conveniently exported as CSV and filtered accordingly.
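The following is an added example, not part of the original article, of filtering such a CSV export: it groups findings by file path and ranks the paths by the age of their oldest CVE. The column names, CVE IDs, device names and paths are constructed assumptions; match them to the header row of your actual export.

```python
import csv
import io
from collections import defaultdict
from datetime import date

# Constructed sample data. The column names are assumptions and must be
# adjusted to the header row of the real export.
SAMPLE_EXPORT = r"""CVE,Severity,PublishedOn,DeviceName,FilePath
CVE-0000-0001,Critical,2019-03-01,pc-01,C:\Program Files\ExampleTool\libexample.dll
CVE-0000-0002,High,2021-06-15,pc-01,C:\Program Files\ExampleTool\libexample.dll
CVE-0000-0001,Critical,2019-03-01,pc-02,c:\program files\exampletool\LIBEXAMPLE.DLL
CVE-0000-0003,Medium,2023-11-20,pc-01,C:\Program Files\ExampleTool\helper.exe
CVE-0000-0004,High,2023-10-01,pc-02,C:\Program Files\ExampleTool\helper.exe
"""

SEVERITY_RANK = {"Low": 1, "Medium": 2, "High": 3, "Critical": 4}


def summarize_by_path(csv_text, min_severity="High", today=None):
    """Return (path, distinct CVEs, distinct devices, oldest CVE age in days)
    per vulnerable file, with the oldest findings first."""
    today = today or date.today()
    floor = SEVERITY_RANK[min_severity]
    groups = defaultdict(lambda: {"cves": set(), "devices": set(), "oldest": 0})
    for row in csv.DictReader(io.StringIO(csv_text)):
        # Unknown severity labels rank as 0 and are filtered out.
        if SEVERITY_RANK.get(row["Severity"].strip().title(), 0) < floor:
            continue
        # Windows paths are case-insensitive, so normalise before grouping.
        path = row["FilePath"].strip().lower()
        age = (today - date.fromisoformat(row["PublishedOn"].strip())).days
        group = groups[path]
        group["cves"].add(row["CVE"].strip())
        group["devices"].add(row["DeviceName"].strip())
        group["oldest"] = max(group["oldest"], age)
    rows = [(p, len(g["cves"]), len(g["devices"]), g["oldest"])
            for p, g in groups.items()]
    # Oldest CVE first, then the file with the most distinct CVEs.
    return sorted(rows, key=lambda r: (-r[3], -r[1]))


if __name__ == "__main__":
    for path, cves, devices, oldest in summarize_by_path(SAMPLE_EXPORT):
        print(f"{oldest:>5} days  {cves} CVEs  {devices} devices  {path}")
```
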

Those interested in the impact and technical details of the CVEs can obtain detailed information in the Security Center.

The software in question has been removed. Unfortunately, software vendors do not always show their cards, so it is advisable to use a vulnerability scanning tool.

Good luck with your vulnerability search.