Endpoints observed by Field Effect with out-of-date Windows operating system (OS) builds are reported in routinely generated AROs.
These AROs are reported with a 14 day delay from the latest Windows build released by Microsoft, which are typically released on the second Tuesday of each month ("Patch Tuesday"). This delay is intended to allow Windows updates to propagate to endpoints, and accounts for the different procedures across our clients ensuring updates have been applied before alerting.
While updates for Windows OS vulnerabilities are released on a regular schedule, patches for other vulnerable software on a system are handled differently depending on the software vendor (and in some cases no patch is released when the vulnerability is announced).
Although Field Effect routinely reports vulnerable software detected in your environment, our security team monitors for new CVEs affecting clients which require urgent attention and works to report these threats in a dedicated ARO as quickly as possible.
We understand that this delay may not be suitable for all clients, and we can configure this delay to your needs if you have a preferable timeline for when you would want to receive AROs for out-of-date Windows OS versions in your environment by contacting support@fieldeffect.com
Any rescheduling would be applied to every monthly Windows update, regardless of the significance of what the new OS build addresses.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article