The scanner Solution is deprecated in instances where a scanner Fix is available.
When you are viewing a scanner vulnerability (the tab on the vulnerability page bearing the scanner’s name), you may notice both a Solution and a Fix are available.
We are deprecating Solution because it is a simple text field on the scanner vulnerability definition that is not as robust as fixes are.
In the example below, “January 2025 Security Updates” is not actionable. Furthermore, if another vulnerability is also identified by CVE-2025-0448 but has a different solution, that solution could overwrite this solution, potentially resulting in a mismatch with the asset if the solution contains OS- or software-specific wording.
The Fix tab to the right of Solution displays the scanner’s Fix information exactly as it comes from the scanner. This Fix data is actionable and specific to the asset.
In the example below, the Fix is to “Update Microsoft Edge Chromium-based to version 133.0.3065.82.” If the asset also had Google Chrome installed, another fix might be “Update Google Chrome Enterprise to version 133.0.6943.98 or newer.” You would need to update two software products to completely remediate CVE-2025-0448 on this asset.
Note: When a Fix is not available from the scanner then you may use the Solution which is the only tab present.
The Solution tab in the explorer fixes tab, as shown below, will not change.
Comments
Please sign in to leave a comment.