Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 00:00:06 - 00:05:32 No matter how effective your protection and control systems are, vulnerabilities must be fixed in operating systems and applications. Of course, the administrator can take care of this, but Kaspersky Endpoint Security simplifies the task. In this video, we will tell you how to use Kaspersky Endpoint Security to detect and fix vulnerabilities. Vulnerabilities in operating systems are the most dangerous because they are widespread, and adversaries use them for attacks most often. Although some application vulnerabilities can be just as dangerous, for example vulnerabilities in browsers or popular office applications to fix windows vulnerabilities, it is sufficient to regularly install updates released by Microsoft. The Windows Update system can take care of that to fix vulnerabilities in other software products, it is usually necessary to install a new version of the application or a patch released by the manufacturer. The main concern is automation of regular updates, while windows provides tools that automate updates, installing updates for other products involves a lot of manual work. At the same time, even if installation of updates is automated, the administrator cannot easily control the installation if it has completed or, for example, the download was interrupted. Similar issues arise when updating applications. You need to control application versions on all devices and understand which version you need to install. This is where Kaspersky Endpoint Security Cloud comes in handy. The administrator can use the update management capabilities to monitor vulnerabilities and available updates. For Microsoft software and third party applications. The vulnerability assessment task can run daily or weekly, depending on the selected schedule, and receive up to date information about software vulnerabilities. The patch Management task forces computers and servers to download and install updates for the operating system and applications. Availability of the vulnerability assessment and patch management functionality depends on the license. The Plus and Pro licenses cover the full functionality. Kaspersky Endpoint Security Cloud searches for information about known vulnerabilities and updates available for windows and other software. Kaspersky Network Agent collects information about updates that are already installed or need to be installed. Kaspersky Endpoint Security is not involved into this process. Kaspersky Network Agent collects information about vulnerabilities to it automatically monitors application launches, and additionally scans all applications installed on the computer. Kaspersky Endpoint Security Cloud uses information that Kaspersky experts gather and maintain based on analysis of typical information security threats and vulnerabilities. All data is available in the workspace. The administrator can see, filter, and use IT information from the Kaspersky Database and Windows Update. Metadata helps automate vulnerability fixing. Windows update metadata links vulnerabilities to updates that are released to fix them. Kaspersky database does the same for other applications. Kaspersky Network Agent, installed on a computer, receives information about available updates from Kaspersky Endpoint Security Cloud and sends a command to download and install Windows Updates. Vulnerability assessment settings pertain to security management. It is enabled by default and collects information from all windows devices connected to the workspace. You can adjust the schedule of the vulnerability Assessment task, click Vulnerability Detection Settings and select the frequency, day, and time when the task will run. You can sort the list of vulnerabilities by vendor severity or planned to fix. Click a vulnerability name to see detailed information. Description criticality the number of devices where it has been detected, application last detection date and time availability of updates that fix the vulnerability. Click View Patches to see the updates that can fix this vulnerability. Select the update you want to install and click Approve Patch Installation to schedule the installation. Different versions of operating systems may require different versions of updates. Kaspersky Endpoint Security Cloud discovers the operating system version and offers the administrator the required update. The vulnerabilities report shows the general status of vulnerabilities in the corporate network. It displays vulnerable devices distributed by the vulnerability risk level. Click a vulnerability to see the list of computers where it has been detected. The Vulnerability Assessment task only scans windows devices for vulnerabilities, but does not install updates. To automate the installation of updates, configure the patch management task in Kaspersky Endpoint Security Cloud. The patch management task pertains to security management and is not bound to a particular security profile. Click Patch Installation Settings to configure the patch management task. First of all, select and update installation mode. Install approved patches only. In this mode, you need to examine available updates, accept the license agreements and Mark is allowed. Those updates that you want to install. Install all patches mode allows you to automatically install all updates except those that require acceptance of a license agreement, usually. New versions of third party applications. In the installation area parameter, select where updates need to be installed workstations, servers or all devices. Next, select the frequency of installations, the task start time and other parameters. The start installation at device restart or shutdown parameter only permits installation of updates when a user turns off or restarts a device, this will reduce the impact on the device performance.5847