Advisories#
FutureVuls collects advisory information from various OS vendors.
You can check for the presence of advisories associated with vulnerabilities in the Vulnerability List and the Task List. You can also find links to advisories from the Task Details page.
For Windows servers, you can also manually register KBIDs from the advisory details.
Advisory List#
In the second pane of the Server / Product tab, you can view all advisories associated with vulnerabilities detected on the target server.

| Item | Details |
|---|---|
| Advisory Name | The name of the advisory. |
| Detected CVE-ID | The CVE-ID related to the advisory. |
| Applied | Whether the update related to the advisory has been applied (for Microsoft Knowledge Base). |
| Manually Added | Whether the advisory was manually registered by a user (for Microsoft Knowledge Base). |
| Advisory ID | The management ID of the advisory. |
| First Detection Time | The date and time the advisory was registered in the database. |
Advisory Details#
Clicking on any advisory in the Advisory List will display its details in the third pane.
The advisory details display the following items:
| Item | Details |
|---|---|
| Advisory Name | The name of the advisory. |
| Status | The status of the advisory (whether it is applied, whether it was manually added). |
| Last Update | The date and time the information associated with the advisory was updated. |
Additionally, if there are vulnerabilities related to the advisory, a list of them will be displayed. Clicking on a vulnerability will take you to its details page.

Manual KBID Registration#
This feature is primarily intended for Windows Paste Scan. If an applied update was not detected during scanning, or if there is an unapplied update that was not detected, you can manually register it through the UI to supplement the information.
- In the Server / Product tab, select the target server and open the Advisory tab from the second pane.
-
Click
Add KBIDs, enter all KBIDs indicating applied/unapplied updates for Windows, and then submit.
-
When you run a Manual Scan, vulnerabilities associated with unapplied updates will be automatically detected.
Notes on Manual KBID Registration
- An error will occur if you try to register a KBID that already exists.
- If the target KBID was manually registered, please delete the KBID, run a Manual Scan once, and then register it again.
- If the target KBID was automatically derived from another manually registered KBID, please delete the source KBID, run a Manual Scan once, and then register it again.
- Unlike scans that use a scanner, Windows Paste Scan does not automatically detect unapplied updates or their associated vulnerabilities based on registered applied updates.
- KBIDs detected by the scanner always take precedence over manually registered KBIDs. If a manually added KBID is the same as a scanner-detected KBID but their applied/unapplied states differ, the scanner-detected KBID will be used to detect vulnerabilities. A warning will be displayed in the scan history, so please delete the manually registered KBID.
How to Get Applied/Unapplied Updates (KBIDs) for Windows#
Here are three ways to get the applied and unapplied updates (KBIDs) for Windows.
| Method to get KBID | Applied | Unapplied |
|---|---|---|
| Windows Update API (CUI) | ✅ | ✅ |
| Windows Settings > Update & Security > Windows Update (GUI) | ✅ | ✅ |
| Get-HotFix (CUI) | ✅ | ❌ |
Windows Update API#
The advantage of this method is that by preparing wsusscn2.cab, you can obtain results similar to the scanner even in an environment isolated from the internet. It also supports obtaining unapplied KBIDs and allows you to format the execution results into a registration-ready format, making it the recommended method.
Run the following command in PowerShell.
For environments where Windows Update cannot be accessed online (e.g., environments isolated from the internet)
# Download http://download.windowsupdate.com/microsoftupdate/v6/wsusscan/wsusscn2.cab beforehand.
# In this example, it is downloaded to C:\Program Files\vuls-saas\wsusscn2.cab.
PS C:\Program Files\vuls-saas> $applied = @()
PS C:\Program Files\vuls-saas> $unapplied = @()
PS C:\Program Files\vuls-saas> $Session = New-Object -ComObject Microsoft.Update.Session
PS C:\Program Files\vuls-saas> $ServiceManager = New-Object -ComObject Microsoft.Update.ServiceManager
PS C:\Program Files\vuls-saas> $UpdateService = $ServiceManager.AddScanPackageService("Offline Sync Service", "C:\Program Files\vuls-saas\wsusscn2.cab", 1)
PS C:\Program Files\vuls-saas> $UpdateSearcher = $Session.CreateUpdateSearcher()
PS C:\Program Files\vuls-saas> $UpdateSearcher.WinUpdateSrc = 3
PS C:\Program Files\vuls-saas> $UpdateSearcher.ServiceID = $UpdateService.ServiceID
PS C:\Program Files\vuls-saas> foreach($e in $UpdateSearcher.QueryHistory(0, $UpdateSearcher.GetTotalHistoryCount())){ If ($e.Title -match '(KB\d{6,7})') { $applied += $Matches[0] }}
PS C:\Program Files\vuls-saas> foreach($e in $UpdateSearcher.search("IsInstalled=1 and RebootRequired=0 and Type='Software'").Updates){ $applied += ('KB'+$e.KBArticleIDs) }
PS C:\Program Files\vuls-saas> foreach($e in $UpdateSearcher.search("IsInstalled=0 and Type='Software'").Updates){ $unapplied += ('KB'+$e.KBArticleIDs) }
PS C:\Program Files\vuls-saas> foreach($e in $UpdateSearcher.search("IsInstalled=1 and RebootRequired=1 and Type='Software'").Updates){ $unapplied += ('KB'+$e.KBArticleIDs) }
PS C:\Program Files\vuls-saas> ($applied | Select-Object -Unique) -Join ',' # Applied KBIDs
KB5011651,KB5012599
PS C:\Program Files\vuls-saas> ($unapplied | Select-Object -Unique) -Join ',' # Unapplied KBIDs
KB5012117
For environments where Windows Update can be accessed online (e.g., environments where the scanner program cannot be installed on the server)
PS C:\Program Files\vuls-saas> $applied = @()
PS C:\Program Files\vuls-saas> $unapplied = @()
PS C:\Program Files\vuls-saas> $Session = New-Object -ComObject Microsoft.Update.Session
PS C:\Program Files\vuls-saas> $UpdateSearcher = $Session.CreateUpdateSearcher()
PS C:\Program Files\vuls-saas> $UpdateSearcher.WinUpdateSrc = 1 # or 2
PS C:\Program Files\vuls-saas> foreach($e in $UpdateSearcher.QueryHistory(0, $UpdateSearcher.GetTotalHistoryCount())){ If ($e.Title -match '(KB\d{6,7})') { $applied += $Matches[0] }}
PS C:\Program Files\vuls-saas> foreach($e in $UpdateSearcher.search("IsInstalled=1 and RebootRequired=0 and Type='Software'").Updates){ $applied += ('KB'+$e.KBArticleIDs) }
PS C:\Program Files\vuls-saas> foreach($e in $UpdateSearcher.search("IsInstalled=0 and Type='Software'").Updates){ $unapplied += ('KB'+$e.KBArticleIDs) }
PS C:\Program Files\vuls-saas> foreach($e in $UpdateSearcher.search("IsInstalled=1 and RebootRequired=1 and Type='Software'").Updates){ $unapplied += ('KB'+$e.KBArticleIDs) }
PS C:\Program Files\vuls-saas> ($applied | Select-Object -Unique) -Join ',' # Applied KBIDs
KB5011651,KB5012599
PS C:\Program Files\vuls-saas> ($unapplied | Select-Object -Unique) -Join ',' # Unapplied KBIDs
KB5012117
Windows Settings > Update & Security > Windows Update#
This method allows you to get KBIDs without running any commands. However, if there are a large number of applied or unapplied KBIDs, manually entering them on the registration screen can be time-consuming.
From "Windows Settings", click "Update & Security".

Look at "Windows Update" in "Update & Security". Unapplied updates are displayed in the upper red-bordered area. Extract the KBID from the update title. In this image, "KB5012117" is the unapplied KBID from "2022-04 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 for x64 (KB5012117)". Also, clicking "View update history" in the lower red-bordered area will display the titles and dates of applied updates.

Similarly, obtain the applied KBIDs from the titles of the updates displayed in "View update history".

Get-HotFix#
If you cannot use either of the two methods above, use this method instead. Note that this method cannot retrieve unapplied KBIDs.
Run the following command in PowerShell.
PS C:\Program Files\vuls-saas> (Get-HotFix | Select-Object HotFixID | % { If ($_ -match '(KB\d{6,7})') { $Matches[0] }}) -Join ','
KB5012117,KB4562830,KB5003791,KB5007401,KB5012599,KB5011651,KB5005699
How to Delete KBIDs#
After applying or removing Windows updates, delete the manually registered KBID using the following procedure.
- In the Server / Product tab, select the target server and open the Advisory tab from the second pane.
- Click the advisory you want to delete to open the third pane.
- Click the trash can icon to delete the KBID.
- When you run a Manual Scan, the vulnerabilities associated with the deleted unapplied update will be removed.
Notes on Deleting KBIDs
Only manually registered KBIDs can be deleted.