Dashboard Toolbox - VM DASHBOARD BETA: Microsoft 2019 PContent Added Monthly - Check Back for Updatesatch Tuesday (QID Based) VM Dashboard - New Format Version 3.0
This page contains information to create a Microsoft 2019 Patch Tuesday VM Dashboard leveraging data in your Qualys Vulnerability Management subscription.
This dashboard is part of the New VM Dashboard Beta program is not intended for production use, and subject to modification without notice. If you have any questions regarding the content, please comment below or Contact Support - Technical Assistance Inquiry Form | Qualys, Inc.
The widgets in this dashboard are based on the following base query:
VULNERABILITY:
vulnerabilities.vulnerability:(qid:XXXXXX OR qid:XXXXXX OR qid:XXXXXXX)
Consider the possibilities for this dashboard. It could be updated to report by status (vulnerabilities.status: [NEW,ACTIVE,REOPENED,FIXED]), or patchable vs. configuration (vulnerabilities.vulnerability.patchAvailable: TRUE/FALSE). For examples of widgets using these tokens, please visit Dashboard Toolbox - Top 10 Vulnerabilities Scorecard BETA.
To create the query string I am now leveraging the monthly Security Alerts posts that include the QIDs associated with Microsoft and Adobe on Patch Tuesday. NOTE: This is a workaround until the development process catches up to customer feature requests. I suggest bookmarking this page for future reference.
Well that's a wrap for the Microsoft 2019 Patch Tuesday. I hope you found this dashboard of use. See you again around January 15, 2020 when we'll begin Microsoft 2020 Patch Tuesday! Have a wonderful, safe, happy, and healthy holiday season my friends.
CHANGELOG:
2019-12-11: Refreshed QLYS - Microsoft 2019 Patch Tuesday 2019 Dec VMdashboard and added 2019 Dec widgets
2019-11-13: Refreshed QLYS - Microsoft 2019 Patch Tuesday 2019 Nov VMdashboard and added 2019 Nov widgets.
2019-10-09: Refreshed QLYS - Microsoft 2019 Patch Tuesday 2019 Oct VMdashboard and added 2019 Oct widgets. Also attached herein three (3) Windows Authentication related JSON files should anyone would like to add them to their dashboard.
2019-Sep-12: Refreshed JSON for QLYS - Microsoft 2019 Patch Tuesday 2019 Sep VMdashboard and added 2019 Sep widgets.
2019-Aug-19: Changed query logic from CVE focused to QID focused leveraging Security Alerts for a concise list of QIDs for patch tuesdays.
2019-Aug-13: Refreshed QLYS - Microsoft 2019 Patch Tuesday 2019Aug VMdashboard and added 2019_Aug_-_93_CVEs,_1_ADVs_-_TOP_50_VMwidget.json
2019-Jul-19: Added all new QLYS - Microsoft 2019 Patch Tuesday Monthly Top 50 Widgets with filtering enabled and refreshed QLYS - Microsoft 2019 Patch Tuesday 2019July VMdashboard with my apologies for the delay.
2019-Jun-12: Added QLYS - Microsoft 2019 Patch Tuesday 201906 VMwidget.zip and refreshed QLYS - Microsoft 2019 Patch Tuesday VMdashboard.zip.
Demonstration Image(s)
QUERIES
JANUARY, 2019
vulnerabilities.vulnerability:(qid:`100351` OR qid:`110328` OR qid:`53020` OR qid:`91493` OR qid:`91494` OR qid:`91495` OR qid:`91496` OR qid:`91497` OR qid:`91498` OR qid:`13388` OR qid:`371400`)
FEBRUARY, 2019
vulnerabilities.vulnerability:(qid:`100359` OR qid:`100360` OR qid:`110330` OR qid:`371640` OR qid:`53021` OR qid:`91502` OR qid:`91503` OR qid:`91504` OR qid:`91505` OR qid:`371638` OR qid:`371645` OR qid:`371646` OR qid:`371647`)
MARCH, 2019
vulnerabilities.vulnerability:(qid:`100363` OR qid:`100364` OR qid:`110332` OR qid:`91509` OR qid:`91510` OR qid:`91511` OR qid:`91512` OR qid:`91513` OR qid:`91514` OR qid:`371690` OR qid:`371691`)
APRIL, 2019
vulnerabilities.vulnerability:(qid:`100365` OR qid:`100367` OR qid:`110333` OR qid:`50091` OR qid:`91520` OR qid:`91521` OR qid:`91522` OR qid:`91523` OR qid:`91524` OR qid:`91525` OR qid:`371729` OR qid:`371731` OR qid:`371732` OR qid:`371733` OR qid:`371734`)
MAY, 2019
vulnerabilities.vulnerability:(qid:`371777` OR qid:`371780` OR qid:`371781` OR qid:`110334` OR qid:`91530` OR qid:`91528` OR qid:`22004` OR qid:`91529` OR qid:`91533` OR qid:`91531` OR qid:`91527` OR qid:`91526` OR qid:`100371` OR qid:`100370` OR qid:`91532`)
JUNE, 2019
vulnerabilities.vulnerability:(qid:`100372` OR qid:`100373` OR qid:`110335` OR qid:`50093` OR qid:`91543` OR qid:`91544` OR qid:`91545` OR qid:`371835` OR qid:`371836`)
JULY, 2019
vulnerabilities.vulnerability:(qid:`100374` OR qid:`110336` OR qid:`20116` OR qid:`50094` OR qid:`91548` OR qid:`91549` OR qid:`91550` OR qid:`91551` OR qid:`91552` OR qid:`91553` OR qid:`371990`)
AUGUST, 2019
vulnerabilities.vulnerability:(qid:`100381` OR qid:`110337` OR qid:`91558` OR qid:`91559` OR qid:`91560` OR qid:`91561` OR qid:`91562` OR qid:`91563` OR qid:`372051` OR qid:`372052` OR qid:`372053`)
SEPTEMBER, 2019
vulnerabilities.vulnerability:(qid:`100386` OR qid:`100387` OR qid:`110338` OR qid:`50095` OR qid:`91568` OR qid:`91570` OR qid:`91571` OR qid:`91572` OR qid:`91573` OR qid:`91574` OR qid:`91575` OR qid:`372106`)
OCTOBER, 2019
vulnerabilities.vulnerability:(qid:`100389` OR qid:`110339` OR qid:`372148` OR qid:`91578` OR qid:`91579` OR qid:`91580` OR qid:`91581` OR qid:`91582`)
NOVEMBER, 2019
vulnerabilities.vulnerability:(qid:`91588` OR qid:`91587` OR qid:`91586` OR qid:`91585` OR qid:`50096` OR qid:`372209` OR qid:`372208` OR qid:`110340` OR qid:`100390`)
DECEMBER, 2019
vulnerabilities.vulnerability:(qid:`100398` OR qid:`110341` OR qid:`91589` OR qid:`91590` OR qid:`91591` OR qid:`91592` OR qid:`91593` OR qid:`13637` OR qid:`372283` OR qid:`372284` OR qid:`372285`)
If you're interested, you may also wish to add these three (3) additional widgets: New
- Top 50 Windows Assets Pending Reboot
- Top 50 Windows Auth Not Attempted
- Top 50 Windows Auth Failed
Demonstration Image(s)
QUERIES New
Windows Pending Reboot:
>>>>> vulnerabilities.vulnerability.qid:90126
Windows Authentication Not Attempted:
>>>>> vulnerabilities.vulnerability.qid:105296
Windows Authentication Failed:
>>>>> vulnerabilities.vulnerability.qid:105015
Related Qualys Blog Posts
- https://blog.qualys.com/laws-of-vulnerabilities/2019/01/08/january-2019-patch-tuesday-47-vulns-7-critical-adobe-vulns
- https://blog.qualys.com/laws-of-vulnerabilities/2019/02/12/february-2019-patch-tuesday-74-vulns-20-critical-exchange-0-d…
- https://blog.qualys.com/laws-of-vulnerabilities/2019/03/12/march-2019-patch-tuesday-65-vulns-18-critical-rces-in-dhcp-cl…
- https://blog.qualys.com/laws-of-vulnerabilities/2019/04/09/april-2019-patch-tuesday-74-vulns-16-critical-2-actively-atta…
- https://blog.qualys.com/laws-of-vulnerabilities/2019/05/14/may-2019-patch-tuesday-79-vulns-22-critical-rdp-rce-mds-attac…
- https://blog.qualys.com/laws-of-vulnerabilities/2019/06/11/june-2019-patch-tuesday-88-vulns-21-critical-hyper-v-escape-a…
- https://blog.qualys.com/laws-of-vulnerabilities/2019/07/09/july-2019-patch-tuesday-77-vulns-15-critical-dhcp-rce-exploit…
- https://blog.qualys.com/laws-of-vulnerabilities/2019/08/13/august-2019-patch-tuesday-93-vulns-29-critical-7-remote-deskt…
- https://blog.qualys.com/laws-of-vulnerabilities/2019/09/10/september-patch-tuesday-79-vulns-17-critical-remote-desktop-c…
- https://blog.qualys.com/laws-of-vulnerabilities/2019/10/08/october-2019-patch-tuesday
- https://blog.qualys.com/laws-of-vulnerabilities/2019/11/12/november-2019-patch-tuesday-74-vulns-13-critical-actively-att…
- https://blog.qualys.com/laws-of-vulnerabilities/2019/12/10/december-2019-patch-tuesday-36-vulns-7-critical-actively-atta… Added Dec 11, 2019
IMPORTANT: Importing Dashboard and/or Widget JSON files - Enable historical data collection
When you export dashboard(s) and/or widget(s) that have "Enable historical data collection" turned on, and then import them later, you will have to manually "Enable historical data collection" following your import. This is by design. The action of turning on this feature starts the clock for data retention.
Demonstration Image(s)
If you have any questions, please post them below, contact your TAM, or Contact Support - Technical Assistance Inquiry Form | Qualys, Inc..
Back to Dashboards and Reporting Resources - Start Here
Back to Dashboard Toolbox - New Vulnerability Management (VM) Dashboard BETA
Thanks for this. I have taken your work one step further and added a widget for each month to show vulnerability status. Active. New, ReOpened and Fixed.