I will be submitting an IDEA ticket to Rapid7 to add the ability to filter vulnerabilities for instances that are part of a MSFT cumulative update.
This will help with vulnerability reporting where there may be a missing cumulative update rather than sorting through all the vulnerability instances and correlating it manually.
I’ve had a request for vulnerability tagging specifically for this. I want to be able to filter by monthly patches vs config changes