Version history for the Security Operations Vulnerability Response Integration with Microsoft Threat and Vulnerability Management on the ServiceNow Store.

Important: For details on system requirements and family compatibility, view the application listing on the ServiceNow Store website.

Version history

Version 2.6.3 - May 2025
Fixed: Minor fixes for this release.
Version 2.6.2 - February 2025
Changed: Verify that CVSS scores are populated on the CVE records from TVM.
Version 2.5.1 - November 2024
  • New: Vulnerability Managers can now configure the split of detections from Microsoft Threat and Vulnerability Management scanner using CVE ID, enabling them to specify the delimiter for each CVE ID to parse the proof. This enhancement results in the creation of multiple vulnerable items for each proof. By default, the configuration to enable split detection by proof is disabled.
  • Changed: To improve the coverage of preferred solutions on vulnerable items, remediation data from Microsoft TVM is leveraged to create solutions.
Version 2.4.1 - August 2024
Changed: In this release, a new integration instance parameter called "skip_preferred_solution" has been introduced. The population of preferred solution on VIT will now be determined based on the skip_preferred_solution integration instance parameter.
Version 2.4.0 - June 2024
New: The execution of the Microsoft Threat and Vulnerability Management Vulnerabilities Integration also accounts for the number of detections excluded with the application of exclusion rules.
Version 2.3.14 - June 2024
  • Removed
    • The Microsoft TVM Integration Run Status classic experience dashboard has been deprecated.
Version 2.3.10 - May 2024
Fixed: MS TVM vulnerability integration is fixed to populate exploit data correctly in vulnerability data imported from MS TVM.
Version 2.3.5 - February 2024
Fixed: sn_vul_msft_tvm_machines_import.xmlVM Metadata information will not be truncated after this release. Schema size is increased in import set table i.e "sn_vul_msft_tvm_machines_import" to handle the same.
Version 2.3.4 - November 2023
  • New: A new system property 'sn_vul_msft_tvm.ignore_mac_address' is added to ignore certain MAC addresses during CI lookup.
  • Fixed:
    • When the Microsoft TVM Vulnerability (CVE) Integration is run, the fieldsPublic exploit andExploit in kit in the vulnerability are populated with the correct values.
    • When an exploit is created by Microsoft TVM integration, theIs exploit verified field is populated with the correct value.
Version 2.3.2 - August 2023 (Vancouver)
Changed: Integration run status report has been updated to the Next Generation Experience.
Version 2.2.3 - June 2023
Fixed: The IP address lookup rule was not returning CIs, even if there was a match available in the Configuration Items table. The issue with the IP address lookup rule has been fixed.
Version 2.2.1 - March 2022
Fixed: Empty tags were resulting in machine data being skipped.
Version 2.1.2 - October 2021
Updated version number for dependency applications.
Version 2.0.3 - June 2021
New: Integration with the Microsoft Defender Threat and Vulnerability Management.