Skip to Content

MC286340: Retiring the advanced hunting table named ‘DeviceTvmSoftwareInventoryVulnerabilities’

The advanced hunting table named DeviceTvmSoftwareInventoryVulnerabilities will be retired in favor of two new tables. One table is focused solely on software inventory and the other table is focused on vulnerabilities. This change will provide better clarity and reduce noise/complexity when using advanced hunting for common threat and vulnerability management scenarios.

MC286340: Retiring the advanced hunting table named ‘DeviceTvmSoftwareInventoryVulnerabilities’

Affected Workloads

  • Microsoft 365 suite

Tables that are replacing DeviceTvmSoftwareInventoryVulnerabilities:

  • DeviceTvmSoftwareInventory:This table serves as a complete list of all software on your devices, whether or not they have any vulnerabilities.
  • No duplicate entries – unlike the old table, you have a single row for each software installed on every device.
  • New fields – EndOfSupportStatus and EndOfSupportDate have the end-of-support state (if applicable) for specific software versions installed on devices.
  • DeviceTvmSoftwareVulnerabilities: This table is dedicated to discovering Common Vulnerabilities and Exposures (CVEs) in existing software across all your devices.
    • New fields – RecommendedSecurityUpdate and RecommendedSecurityUpdateId have missing security updates / Knowledge Bases (KBs) for installed software.

When will this happen

These new tables are available today. The old advanced hunting table will be retired on October 15th, 2021.

How this will affect your organization

The advanced hunting table named DeviceTvmSoftwareInventoryVulnerabilities will be retired and replaced with the advanced hunting tables named DeviceTvmSoftwareInventory and DeviceTvmSoftwareVulnerabilities.

Users will no longer be able to execute queries (either manually or via API) that use the retired table when this change is implemented.

What you need to do to prepare

If you use the old table, either for manual queries or via API, it’s strongly encouraged you switch to using the new tables today to avoid breaking existing flows.

Learn more

Message ID: MC286340
Published: 20 September 2021
Updated: 20 September 2021

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that\'s committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we haven\'t implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you\'re currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.