Apply Windows KB to resolve a vulnerability
In the Vulnerabilities table, you'll see an update indicator next to Windows OS Vuln IDs that can be resolved by applying a Windows KB.
For each vulnerability that is not resolved, you can set an in-progress status in the Status column. The exact status will vary depending on which specification type you are using. For example, in CycloneDX, you could set it to In triage to indicate to your team that you're in the process of analyzing it. Once you’ve determined which KBs you need to apply to resolve a vulnerability, click the KB indicator next to the Vuln ID. This will display the Resolve panel.
In this panel, you'll see a list of suggested KBs. The top one is the most recently released and contains the most rollups of the subsequent KBs. You can click each KB link to go to the Microsoft MSRC site and determine which KB matches what you are applying to your physical test device, so that you can align your digital twin record accordingly.
Click Resolve with selected KB when you've chosen which KB you want to apply. You’ll see a success message letting you know which KB was applied, as well as how many and which vulnerabilities it resolved.
Next to the Vuln ID, you'll see a new shield indicator showing that a KB has been applied. You can hover over it to see which KB was applied to resolve this vulnerability.
Applying this KB will gray out the row, and will set the corresponding status to fixed.