I am running Patch Management in a NS 7 environment. It is pretty much an out of box setup. Patch Management sees almost 100,000 vulnerabilities from 800 bulletins. The bulletins range in age from 1999-present. Most of the bulletins have not been staged.
When I run windows update from a sampling of workstations, they are up to date. Yet, Patch shows that those workstations are vulnerable. The workstations have the software update agent installed.
The superseded bulletin report show over 300 superseded bulletins. How do I resolve this and get accurate vulnerability reports? Thanks for your input.