Vulnerability Scanners Capabilities for Detecting Windows Missed Patches: Comparative Study

  • Mohamed Alfateh Badawy
  • Nawal El-Fishawy
  • Osama Elshakankiry
Part of the Communications in Computer and Information Science book series (CCIS, volume 381)


Vulnerability scanners are automated tools that define, identify, and classify security holes (vulnerabilities) in a computer, server, network, or communications infrastructure. Scanners discover missed patches on target systems and report the related vulnerabilities. Many current information security systems use vulnerability scanners as the main part of the risk assessment process. Others depend on the scanners' output for system patch management. This paper assesses the effectiveness of depending on vulnerability scanners in the information security management system. It compares four of the leading vulnerability scanners on the market and studies their effectiveness in detecting missed patches.

The results show the risk of relying on vulnerability scanners to discover the patch status of systems. Each of the tested scanners reports a number of false positive and false negative detections for the system patches. Some of the unreported missed patches are ranked as critical in severity, which puts the system at high risk and makes it vulnerable to different attacks.


Keywords: vulnerability scanner, patch management, risk assessment



Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Mohamed Alfateh Badawy (1)
  • Nawal El-Fishawy (1)
  • Osama Elshakankiry (1)
  1. Department of Computer Science and Engineering, Faculty of Electronic Engineering, Menoufia University, Menoufia, Egypt
