Open mostlikelee opened 8 months ago
Hey @sharon-fdm and @mostlikelee heads up, looks this subtask made it onto the drafting board by accident.
I removed the product label to take it off the board.
Hey @mostlikelee and @sharon-fdm heads up, I updated this issue to use the user story format.
Tim, I moved your original issue description to the "Context" and "Changes" section.
Looks like there are no product changes associated w/ this story.
Pulling this one off feature fest and adding the ~engineering-initiated
label so that the architecture DRI (@lukeheath) reviews the story and decided whether to prioritize.
@sharon-fdm I am prioritizing this story for estimation.
After looking at this, we think it's a bug. We should not waste resources for unused queries.
Goal
Context
Requestor(s): @mostlikelee
The original implementation of Windows OS Vulnerability scanning (~2yrs ago) included a detail query on Windows hosts to gather installed patches (aka KBs) which was used to query against the MSRC data to see if a patch was installed that remediated a vulnerability. Microsoft has negated the need for this in recent releases, so that mechanism is no longer needed.
Microsoft has negated the need for this in recent releases, so that mechanism is no longer needed.
This work will reduce load on Fleet server and the database because we no longer need to write this data (possibly 100s of entries per windows host).
Changes
Product
None.
Engineering
windows_updates
tablewindows_updates
tabled to query against the MSRC data to see if a patch was installed that remediated a vulnerability.windowsUpdateHistory
QA
Risk assessment
Manual testing steps
Testing notes
Confirmation