Overview
You have security vulnerabilities but cannot remediate them - the Remediate option under Remediation Actions in the LanGuard Dashboard is greyed out. The relevant KB/patches are approved for patch auto-deployment but that doesn't help.
Solution
The issue of the Remediate button being greyed out is usually caused by the lack of the purchased Extended Security Update (ESU) or not activated ESU keys on the target computers running legacy Microsoft products, Windows 7 and Windows Server 2008/R2. To resolve this, refer to the Resolving Missing Patches, Scanning and Remediation Failures for Microsoft Windows Server 2008, 2008 R2, and Windows 7 Without ESU Support article.
In the even more old operational systems, like Windows XP and Windows Server 2003, this can be also caused by Data Execution prevention. In such cases, add a Data Execution Prevention (DEP) exception:
- Go to Start > Settings > Control Panel > System.
- Navigate to the Advanced tab and access the Performance Settings.
- Change to the Data Execution Prevention tab.
- Enable the Turn on DEP for essential Windows programs and services only radio button.
Testing
Run a full scan of the target machine(s), then verify if the Remediate option is now available. If the issue persists, contact GFI LanGuard Support.