Matrix42 Self-Service Help Center

UEM Patch Vulnerability Knowledge

About this document

This article provides details and background information on data used in the Patch & Vulnerabilities part of the UEM Extension.

UEM Patch & Vulnerabilities Preview 

This is a preview feature, allowing customers to get an early look and provide feedback. Not all planned features are implemented yet, and full functionality is not guaranteed. A reset of patch data may be required for the final release.

Patch Management information from Empirum is greatly enhanced and allows users to easily get the information they need based on the great data navigation and dashboard capabilities of the ESM platform.

Acronyms and external resources

Some data is related to information based on external databases and services.

  • CVE: Common Vulnerabilities and Exposures. The mission of the CVE™ Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.
  • CVSS: Common Vulnerability Scoring System. The Common Vulnerability Scoring System (CVSS) is an open framework for communicating the characteristics and severity of software vulnerabilities. 
  • VRR: Vulnerability Risk Rating. Vulnerability Risk Rating (VRR) considers industry-standard Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE) data, OWASP (Open Web Application Security Project), open-source threat intelligence, subject matter expertise, trending information, and more. VRR represents the risk that a given vulnerability poses to an organization or business, provided as a numerical score between 0 and 10. The higher the risk, the higher the VRR.
  • KB Number: Knowledge Base article (also known as Q-number). Vendor-specific information about patches.
  • Bulletin ID: Vendor information on security-related issues.

Product architecture

The Patch & Vulnerability information visualized in the UEM extension is based on two main sources:

  1. Matrix42 Patch Catalog data. The catalog data is retrieved from an external API and contains information on patches, including related information such as bulletin data, CVE data, and CVSS and VRR scores. This information is initially transferred when Patch & Vulnerabilities is activated and is updated on a daily basis. The first import might take a very long time, as the patch catalog contains information on more than 490.000 patches. The following updates are delta updates and therefore much faster.
  2. Computer Patch Status data. Empirum sends the patch status of each computer via the Enterprise Service Bus whenever the data is updated from a patch scan or fix run on the computer.

Activating the preview

The import of patches and the sending of patch installation status are deactivated by default and need to be enabled if you want to try the preview feature.

Empirum

  • To activate sending of the Empirum patch status messages via the Service Bus, the feature needs to be enabled in the database:
    • Run the following statement on the Empirum DB: "update Options set EmpValue = 0 where EmpOption = 'UemDevicePmScanResultSkipActivated'"
    • Customers using the Matrix42 Cloud offering need to send an inquiry to Matrix42 support to enable the preview.

UUX for UEM

  • The synchronization of the patch catalog is only performed if the attached Empirum system has a valid Patch Management license and is version 25.0.0 or newer. You can check this in the node information under Administration -> Integration -> Enterprise Service Bus -> Nodes -> Empirum node.
  • Empirum Node Patch License
  • To enable the initial catalog sync and a daily update, the engine activation needs to be activated:
    • Go to Administration -> Services & Processes -> Engine Activations
    • Select "Edit" on the preview of "UEM Device Patch Management Synchronizer Activation"
    • Activate the engine by un-checking "Disable entire Activation"

The initial synchronization will take a long time because the amount of data is large. Subsequent synchronizations are delta updates and will not impact performance.

Automated Patch Catalog Download

The patch catalog is imported on a nightly schedule. Please adjust the schedule so that the system is not performing many parallel imports from other systems at the same time. The synchronization of the patch catalog is only performed if the attached Empirum system has a valid Patch Management license and is version 25.0.0 or newer. You can check this in the node information under Administration -> Integration -> Enterprise Service Bus -> Nodes -> Empirum node. The initial synchronization will take a long time because the amount of data is large. Subsequent synchronizations are delta updates and will not impact performance.
