Are vulnerability scanners aware of 0patch, or do they keep reporting vulnerabilities that are micropatched?

Mitja Kolsek

Unfortunately, vulnerability scanners are oblivious to 0patch. They infer the presence of vulnerabilities from versions reported by the endpoint or from the official patches/updates applied, and 0patch affects neither of these. Only an actual vulnerability test can show that 0patch fixed the vulnerability. For instance, you can use Secura's Zerologon test to see that 0patch removed the Zerologon vulnerability. We test each and every micropatch we issue with such a test.

For information on adding 0patch data to vulnerability scanner results, please see this article: Can we add 0patch data to our vulnerability scanner results?
