How Patch Analysis Works

The patch report identifies the patches available for current vulnerabilities on selected hosts, based on a patch report template selected by the user at run time. The current vulnerabilities are those detected by the most recent scan of each selected host.

The service identifies patches following this staged approach:

1. Collects information for detected vulnerabilities. The service first collects information about vulnerability QIDs detected on the target hosts, and applies QID filtering based on user-selected settings in the "Selective Vulnerability Reporting" and "Timeframe Selection" sections on the Filter tab in the patch report template.

2. Identifies which vulnerabilities have patches. The service uses the KnowledgeBase to determine which detected vulnerabilities have patches available. Only QIDs with known patches are considered, and the rest are discarded.

3. Determines recommended patches for each vulnerability. The service uses the KnowledgeBase to determine how the patchable QIDs (vulnerabilities with available patches) relate to one another. The relationship is simple: either the QID is associated with the latest patch available for that issue, or a newer patch, associated with a separate QID, is available for that issue.

4. Applies patch QID filtering, if any. The service applies patch QID filtering based on user-selected settings in the "Selective Patch Reporting" section on the Filter tab in the patch report template. Only the newest patch that is not filtered out is listed as a patch in the report.

5. Assigns a severity to each patch. The service assigns a severity to each patch in the report. The severity may be based on the recommended patch to fix the vulnerability (the default) or the highest severity across all detected vulnerabilities that may be fixed by the patch. Users determine which patch severity to display on the Display tab in the patch report template.
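The five stages above, modelled as an added Python example (not Qualys code): the KnowledgeBase entries, QIDs, patch ids, severities and scan detections are constructed for illustration, and stage 3 is generalised to a supersession chain of any length, with stage 4 falling back to the next-newest patch when the newest is filtered out.

```python
# Added example modelling the staged patch analysis. KB, DETECTIONS and
# every QID/patch id/severity below are constructed, not Qualys data.
from typing import Dict, Optional, Set, Tuple

# Constructed KnowledgeBase: QID -> (patch id or None, QID of the newer patch
# that supersedes it or None, severity 1-5).
KB: Dict[int, Tuple[Optional[str], Optional[int], int]] = {
    1001: ("KB-A1", 1002, 3),   # patched by KB-A1, superseded by QID 1002
    1002: ("KB-A2", 1003, 4),   # patched by KB-A2, superseded by QID 1003
    1003: ("KB-A3", None, 2),   # KB-A3 is the latest patch for this issue
    2001: ("KB-B1", None, 5),   # latest patch for a separate issue
    3001: (None, None, 4),      # no patch available: dropped in stage 2
}

# Constructed scan results: (host, detected QID).
DETECTIONS = [("h1", 1001), ("h1", 1002), ("h1", 3001), ("h2", 2001), ("h2", 1003)]


def newest_unfiltered_patch(qid: int, excluded: Set[int]) -> Optional[int]:
    """Stages 3-4: walk the supersession chain to the newest patch QID,
    then fall back toward older patches if the newest is filtered out."""
    chain, seen = [], set()
    while qid is not None and qid not in seen:       # guard against KB cycles
        seen.add(qid)
        chain.append(qid)
        qid = KB[qid][1]
    for candidate in reversed(chain):                # newest first
        if candidate not in excluded:
            return candidate
    return None


def patch_report(hosts, vuln_excluded=frozenset(), patch_excluded=frozenset(),
                 severity_mode="recommended") -> Dict[str, Dict[str, int]]:
    """Stages 1-5. Returns {host: {patch id: severity}}."""
    report: Dict[str, Dict[str, int]] = {}
    for host, qid in DETECTIONS:
        if host not in hosts or qid in vuln_excluded:     # stage 1 QID filtering
            continue
        if KB[qid][0] is None:                            # stage 2: not patchable
            continue
        patch_qid = newest_unfiltered_patch(qid, patch_excluded)
        if patch_qid is None:                             # every patch filtered out
            continue
        patch_id = KB[patch_qid][0]
        sev = KB[patch_qid][2] if severity_mode == "recommended" else KB[qid][2]
        entry = report.setdefault(host, {})
        # "highest" mode keeps the max severity across all vulns the patch fixes
        entry[patch_id] = max(entry.get(patch_id, 0), sev)
    return report
```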