Overview
You would like to know how to get specific security update related to the announced CVE Vulnerability added to GFI LanGuard. And, once it is already added, how to download and install it to the machines.
Solution
Relevant CVE vulnerability definitions for supported applications are added by the GFI Content team to the LanGuard vulnerabilities database and delivered through the automatically scheduled program updates. If a patch is available to mitigate the vulnerability, the remediate button would be available; otherwise, it would be grayed out.
As long as CVE is related to a product supported by GFI LanGuard, you do not have to worry about the definitions to be added. Check the complete list of the GFI LanGuard supported OVAL and CVE definitions; generally, updates are pushed twice a week, on Wednesday and Friday evenings.
Once you have the latest definitions, the CVE vulnerability should be detected on all affected machines by the next vulnerabilities scan (scan using Scanning Profile with vulnerability scanning enabled). You will be able to check the particular CVE vulnerability details and deploy the patch for it through the remediation options available.
If you do not see the vulnerability, Update LanGuard Manually and scan again.
Not all CVE's will have a patch available for deployment if the third-party vendor does not provide one.
CVE for Unsupported Applications
If you want to manually add to LanGuard a CVE definition for the unsupported third-party application, refer to the corresponding KB article.
If you want to manually download and install a patch for the unsupported applications to target machines, refer to the Deploying Custom Software on Remote Machines with the GFI LanGuard Server article.