Windows servers have been flagged with very old vulnerabilities.
The servers are fully up-to-date.
The vulnerability proof points to the Windows Build and Release numbers at
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
CurrentBuild - contains 14393
UBR - contains 4169
The build number is correct, but the release number (UBR) is 5246 (current to July 2022)
How do I get InsightVM to recognize the updated build number and remove these hundreds of false positives?
Are these servers getting credentialed scans? If so, try deleting the asset and scanning it again. We had this same issue recently and that fixed it for us.
Did you get this resolved? I have a server being flagged with this, saying the UBR contains 859.
Granted… the UBR reg key is actually different to the three other servers I’ve compared it with so far (It is 2031 and the others are all 4974,) but it is fully patched up to and including 2023-10.