Edit

Share via

Security advisories

  • Applies to: Microsoft Defender Vulnerability Management, Microsoft Defender for Endpoint Plan 2, Microsoft Defender XDR, Microsoft Defender for Servers Plan 1 & 2

Note

The Vulnerability Management section in the Microsoft Defender portal is now located under Exposure management. With this change, you can now consume and manage security exposure data and vulnerability data in a unified location, to enhance your existing Vulnerability Management features. Learn more.

These changes are relevant for Preview customers (Microsoft Defender XDR + Microsoft Defender for Identity preview option).

Security advisories provide an efficient way to view, track, and monitor firmware advisories for affected devices. You can filter on exposed devices and view advisories that affect specific devices. With these advisories, security teams can take action more quickly to prevent attackers from targeting firmware vulnerabilities.

Note

  • This capability is currently available in public preview and might be substantially modified before it's commercially released.
  • To use this feature, you must have Microsoft Defender Vulnerability Management Standalone or if you're already a Microsoft Defender for Endpoint Plan 2 customer, the Defender Vulnerability Management add-on.

Tip

Did you know you can try all the features in Microsoft Defender Vulnerability Management for free? Find out how to sign up for a free trial.

View firmware security advisories

Security advisories include information about specific versions of affected devices or software that are affected in your organization. If available, instructions are provided for how to update the firmware to address the vulnerability.

To view firmware security advisories:

In the Microsoft Defender portal, select the Vulnerability management Security advisories tab. This might be available under the Vulnerabilities or Weaknesses page, depending on if you're an XDR/MDI Preview customer. For more information, see Microsoft Defender Vulnerability Management and Microsoft Security Exposure Management integration.

Screenshot of the security advisory filtered view.

Security advisory vendor support

Security advisories are available for the following vendors: Lenovo, Dell, HP.

For each published advisory, you can see the following information:

  • Advisory ID
  • Severity (provided by the vendor)
  • Related CVEs
  • Advisory link
  • Vendor
  • Age
  • Published on
  • Updated on
  • Exposed devices
  • Last updated on