InsightVM is flagging Windows 10 computers as having the CVE-2013-3900: MS13-098 vulnerability even though they have already been fixed. I confirmed this easily by checking my own device and saw that the registry entries matched the MS recommendation. This is suddenly cropping up today.
Hi @bcoy yes a fix was pushed out for this, if you are still experiencing issues please make sure you are latest version 6.6.230. If the issue still persists please reach out to our support team and we’ll be able to investigate with you.
On our Win 11 i set the key with this powershell skript: MS13-098 anyone? - #13 by jmerchant, but Rapid7 Insight Agent or the backend ist still flagging the system for CVE-2013-3900. Any ideas where the problem is?
Hi @pmcauley_pmcauley, I’m working with a client where MS13-098 is still being reported as a vulnerability on Windows devices. The client is running 6.6.248 console version. Do the reg keys really need to be deployed to all Windows instances regardless of OS type?