Publication

Abstract :

Cyber threats continue to evolve, exploiting outdated systems and unpatched vulnerabilities as entry points into critical infrastructures. Manual vulnerability identification a nd patch deployment are time-consuming, error-prone, and often leave systems exposed to severe compromises. To address this, we present PatchOps, an automated framework for vulnerability scanning and patch management on Windows platforms. PatchOps performs comprehensive software inventory analysis, leverages the Vulners API for real-time vulnerability detection, and integrates Windows Knowledge Base (KB) update analysis to identify and remediate missing patches. A key feature is the integration of the open-source Windows Exploit Suggestor, enabling initial risk assessment by mapping installed software versions to known exploits. PatchOps deploys patches in a sequenced manner that minimizes downtime while ensuring system stability. Experimental evaluations demonstrate that PatchOps effectively identifies critical vulnerabilities and applies required updates, significantly reducing exposure to cyber threats. Finally, we discuss implementation challenges, evaluate system performance, and outline future directions for enhancing automation and enterprise integration.