I was wondering when GVM is going to start flagging up Windows 2008 and Windows 7 as EOL. It happily detects Apache Tomcat EOL, Internet Explorer and Elasticsearch EOL, but not Windows 2008 and Windows 7. This is with a credentialed scan as well. Seems a bit of an obvious one to omit.
This is a duplicate of the following topics (the first one contains the rationale):
The rational is really out of date, the only place that extended support exists is Azure. Surely it would be better to add the Critical and give the admin the option of adding an exception.
1 Like
Forgot to mention that it is currently implemented in another way:
Name: Microsoft Windows 7 / Server 2008 End Of Life Detection
OID: 1.3.6.1.4.1.25623.1.0.108956
Family: General
This VT is reporting already a vulnerability but with a “remote_banner_unreliable” QoD (you can lower the QoD in your report to see the result) to avoid false positives because currently no detection of ESU enabled system is implemented.
1 Like
In the end, clients are complaining that GVM doesn’t detect EOL W7 and 2k8. Every other VS flags it as critical. You really do need to think about flagging it up!
This has been indeed already considered in the past but no decision has been made yet.
If you’re a Greenbone customer you could create a support ticket to raise priority for it.
1 Like