AWS Security ChangesHomeSearch

AWS inspector documentation change

Service: inspector · 2026-03-19 · Documentation low

File: inspector/latest/user/findings-types.md

Summary

Added documentation about KB ID aggregation for Windows vulnerabilities and scoring methodology

Security assessment

This change improves documentation about vulnerability reporting methodology but does not address a specific security vulnerability. The KB ID grouping is a feature enhancement for vulnerability management rather than a security fix.

Diff

diff --git a/inspector/latest/user/findings-types.md b/inspector/latest/user/findings-types.md
index b1a7425fa..2d8127a57 100644
--- a//inspector/latest/user/findings-types.md
+++ b//inspector/latest/user/findings-types.md
@@ -26 +26,3 @@ Package vulnerability findings identify software packages in your AWS environmen
-Amazon Inspector can generate package vulnerability findings for EC2 instances, ECR container images, and Lambda functions. Package vulnerability findings have additional details unique to this finding type, these are the [Inspector score and vulnerability intelligence](./findings-understanding-score.html).
+Amazon Inspector can generate package vulnerability findings for EC2 instances, ECR container images, and Lambda functions. Package vulnerability findings include details that are unique to this type of finding. These details are the [Inspector score and vulnerability intelligence](./findings-understanding-score.html).
+
+For Windows EC2 instances, package vulnerability findings can be identified by Microsoft Knowledge Base (KB) IDs instead of individual CVEs. If a KB update addresses one or more CVEs, Amazon Inspector reports a single KB finding, for example `KB5023697`, instead of a separate finding for each CVE. A KB finding specifies the highest CVSS score, EPSS score, and exploit availability across all constituent CVEs.