Your Patch Report


Why should I run a patch report?

Patch reports provide current patch information for fixing vulnerabilities and prioritizing remediation tasks. A patch report identifies the most recent fixes for detected vulnerabilities in your account, so you can apply the fewest patches necessary to fix your vulnerabilities. Note that a patch report includes only vulnerabilities that have available patches and excludes vulnerabilities that cannot be patched.

How do I run a patch report?

Go to VM/VMDR > Reports > Templates. Find the patch report template you want to run (we recommend Qualys Patch Report to get started) and select Run from the Quick Actions menu.

How do I get the most accurate results?

For the most accurate results in your patch report, be sure that authenticated scanning was used to scan the hosts selected for the report. The most appropriate missing patch(es) will be identified when the most accurate host information, including the operating system, has been detected for each host.

We also recommend you choose "QID based patch evaluation" under Findings in your template. This option gives you the most complete and accurate patch recommendations. With this option, you may see several patches recommended to fix a single vulnerability.

Total number of vulnerabilities addressed

This is the number of vulnerability detections (one QID per host) that will be fixed across all groups in the report when all missing patches are applied. You'll see this number in the Report Summary section of the report.

Tell me about patch data shown in the report

You'll see the following patch data:

Vendor ID - The vendor patch ID for a missing patch (for example MS03-010).

Severity - The service assigns a severity to each patch in the report. The severity may be based on the recommended patch to fix the vulnerability (the default) or the highest severity across all detected vulnerabilities that may be fixed by the patch. Users determine which patch severity to display in the patch report template.

CVSS Base Score - You can choose to display a CVSS Base Score for each patch by selecting this option in your patch report template. As with severity, you can display the score assigned to the patch detection or the highest score across all vulnerabilities fixed by the patch.

Published - The age of the patch based on the date when the patch was published. For example, "5 days ago" or "2 years ago".

Hosts - (Appears when the report is grouped by Patch or Operating System) The number of affected hosts that the patch needs to be applied to. Click a patch row to view the hosts affected by the selected patch.

Patches - (Appears when the report is grouped by Host or Asset Group) The number of patches that will fix the vulnerabilities on the host. Click a host row to view the patches that will fix the vulnerabilities on the selected host.

Vulns - The number of vulnerabilities on a host that will be fixed by a missing patch. When “QIDs that will be fixed by each patch” is selected in the patch template, the user can click the number to view the QID detection data for the host.

Tell me about detection data

QID detection data is included when “QIDs that will be fixed by each patch” is selected in the report template.

QID - A QID associated with a vulnerability detection that the patch fixes. For each QID you'll also see the associated severity level and title from the KnowledgeBase.

Instance - The instance information associated with a vulnerability detection, if applicable. Information such as port, protocol, FQDN, SSL flag (whether SSL was used to detect the vulnerability) is listed when there are multiple detections of a single QID on the same host.

Last Detected - The age of the vulnerability detection, which the patch fixes, based on the last scan date of the host. For example, "53 days ago".
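
The counting rules described above, worked through on constructed data as an added example (not Qualys code and not the service's export format; the row layout, host addresses, QIDs and vendor IDs are placeholders). It assumes that several instances of one QID on a host count as a single detection, and that a detection fixed by more than one patch counts once in the total.

```python
from collections import defaultdict

# Constructed rows: (host, qid, instance, vuln_severity, vendor_id, patch_severity).
# Hypothetical layout for illustration only; not a real report export.
ROWS = [
    ("192.0.2.5", "QID-1", "tcp/443",  5, "VENDOR-PATCH-1", 3),
    ("192.0.2.5", "QID-1", "tcp/8443", 5, "VENDOR-PATCH-1", 3),  # second instance, same QID
    ("192.0.2.5", "QID-2", None,       2, "VENDOR-PATCH-1", 3),
    ("192.0.2.6", "QID-1", "tcp/443",  5, "VENDOR-PATCH-1", 3),
    ("192.0.2.6", "QID-3", None,       4, "VENDOR-PATCH-1", 3),  # QID-3 needs two patches
    ("192.0.2.6", "QID-3", None,       4, "VENDOR-PATCH-2", 4),
]

def group_by_patch(rows, severity_mode="patch"):
    """Build a group-by-patch view.

    severity_mode="patch"   -> severity assigned to the patch itself
    severity_mode="highest" -> highest severity among the vulnerabilities it fixes
    """
    fixed = defaultdict(set)          # vendor_id -> {(host, qid)}
    patch_sev = {}
    highest_sev = defaultdict(int)
    for host, qid, _instance, vuln_sev, vendor_id, p_sev in rows:
        fixed[vendor_id].add((host, qid))      # instances collapse here
        patch_sev[vendor_id] = p_sev
        highest_sev[vendor_id] = max(highest_sev[vendor_id], vuln_sev)

    view = {}
    for vendor_id, pairs in fixed.items():
        vulns_by_host = defaultdict(int)
        for host, _qid in pairs:
            vulns_by_host[host] += 1
        sev = patch_sev[vendor_id] if severity_mode == "patch" else highest_sev[vendor_id]
        view[vendor_id] = {
            "severity": sev,
            "hosts": len(vulns_by_host),         # Hosts column
            "vulns": dict(vulns_by_host),        # Vulns per host
        }
    return view

def total_vulnerabilities_addressed(rows):
    """Distinct (host, QID) pairs fixed once every missing patch is applied."""
    return len({(host, qid) for host, qid, *_rest in rows})

if __name__ == "__main__":
    for mode in ("patch", "highest"):
        print(mode, group_by_patch(ROWS, mode))
    print("total addressed:", total_vulnerabilities_addressed(ROWS))
```

Summing the per-patch Vulns figures gives 5 for this data while the total addressed is 4, because QID-3 on 192.0.2.6 appears under both patches.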

Tell me about missing patches

The newest patches that fix the detected vulnerabilities are recommended for installation. The newest patch for any one vulnerability detection may be broader in scope and it may fix more vulnerabilities than the QID associated with the vulnerability detection.

Microsoft vulnerabilities

Non-Microsoft vulnerabilities

How Patch Analysis Works

Show me report samples

The Online Report format provides a feature-rich user interface including numerous ways to navigate through your report content. The HTML report is displayed in your browser using Ext, a client-side Java framework. A patch report in Online Report format cannot be downloaded to your local filesystem.

Online Report Sample: Group By Host

Online Report Sample: Group by Patch

Online Report Sample: Group by Operating System

Online Report Sample: Group by Asset Group

PDF Report Samples