AnsweredAssumed Answered

QID:91534 - Question about its Logic

Question asked by John Sponheimer on May 29, 2019
Latest reply on Jul 16, 2019 by Dwayne Fleming

Greetings all.  I have a single server that by all understanding should be not vulnerable.  But I scan the system for the RDP vulnerability, and it says its vulnerable.


So I am exploring potential false positive scenarios...but before I detail that, I was asking for some interpretation here.  Looking at the QID:91534 I see the following information:


QID Detection Logic:

The following versions of termdd.sys with their corresponding KBs are verified:
KB4500331 - 5.1.2600.7701, 5.2.3790.6787 
KB4499149 - 6.0.6003.20514 
KB4499180 - 6.0.6003.20514 
KB4499164 - 6.1.7601.24441 
KB4499175 - 6.1.7601.24441


Are we saying the systems with the above termdd.sys file versions (or earlier) are vulnerable?