deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 13:23:36 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

new images

Browse Source
This commit is contained in:
Beth Levin
2020-11-05 09:24:10 -08:00
parent 4a21465aaa
commit bbc189caed
3 changed files with 27 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-flyout-400.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 106 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-flyout.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 66 KiB

44
windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md
View File

@ -32,15 +32,17 @@ ms.topic: article
A zero-day vulnerability is a publicly disclosed vulnerability for which no official patches or security updates have been released. Zero-day vulnerabilities often have high severity levels and are actively exploited. A zero-day vulnerability is a publicly disclosed vulnerability for which no official patches or security updates have been released. Zero-day vulnerabilities often have high severity levels and are actively exploited.
Once a zero-day vulnerability has been found, information about it will be conveyed through the following experiences in the Microsoft Defender Security Center: ## Find information about zero-day vulnerabilities
## Threat and vulnerability management dashboard Once a zero-day vulnerability has been found, information about it will be conveyed through the following experiences in the Microsoft Defender Security Center.
### Threat and vulnerability management dashboard
Find recommendations with a zero-day tag in the “Top security recommendation” card. Find recommendations with a zero-day tag in the “Top security recommendation” card.
![Two top recommendations with a zero-day tag.](images/tvm-zero-day-dashboard.png) ![Two top recommendations with a zero-day tag.](images/tvm-zero-day-dashboard.png)
## Weaknesses page ### Weaknesses page
Find the named zero-day vulnerability along with a description and details. Find the named zero-day vulnerability along with a description and details.
@ -50,19 +52,7 @@ Find the named zero-day vulnerability along with a description and details.
![Zero day example for CVE-2020-17087 in weaknesses page.](images/tvm-zero-day-weakness-name.png) ![Zero day example for CVE-2020-17087 in weaknesses page.](images/tvm-zero-day-weakness-name.png)
## Software inventory page ### Security recommendations page
Find software with the zero-day tag.
![Zero day example of Windows Server 2016 in the software inventory page.](images/tvm-zero-day-software-inventory.png)
## Software page
Find a zero-day tag for each software that has been affected by the zeroday vulnerability.
![Zero day example for Windows Server 2016 software page.](images/tvm-zero-day-software-page.png)
## Security recommendations page
Clear suggestions regarding remediation and mitigation options, including workarounds if exist. Clear suggestions regarding remediation and mitigation options, including workarounds if exist.
@ -70,8 +60,30 @@ When there is an application with associated zero-day vulnerability and addition
![Zero day example of Windows Server 2016 in the security recommendations page.](images/tvm-zero-day-security-recommendation.png) ![Zero day example of Windows Server 2016 in the security recommendations page.](images/tvm-zero-day-security-recommendation.png)
## Addressing the zero-day vulnerability
Go to the security recommendation page
![Zero day example flyout example of Windows Server 2016 in the security recommendations page.](images/tvm-zero-day-software-flyout-400.png)
## Patching the zero-day vulnerability
When a patch is released for the zero-day, the recommendation will be changed to “Update” and a blue label next to it that says “New security update for zero day.” When a patch is released for the zero-day, the recommendation will be changed to “Update” and a blue label next to it that says “New security update for zero day.”
## Other places to find vulnerable software
### Software inventory page
Find software with the zero-day tag.
![Zero day example of Windows Server 2016 in the software inventory page.](images/tvm-zero-day-software-inventory.png)
### Software page
Find a zero-day tag for each software that has been affected by the zeroday vulnerability.
![Zero day example for Windows Server 2016 software page.](images/tvm-zero-day-software-page.png)
## Related topics ## Related topics
- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md) - [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)