I have vulnerabilities where the remediation action is for the wrong architecture.
In my example it is a Server 2012 R2 box on VMWare for CVE-2022-26832 and the remediation is to install a .NET rollup for ARM. When going to Microsoft’s website for this CVE and trying to install their recommended patch the server says that it is not needed.
1 Like
Curious on the solution for this, I am seeing the same come up spanning across 13 2012 assets and do not have any ARM64 devices.