Jamf Nation Community

user-IUsJxvLxeb · ‎05-19-2022

Can anyone help me identify the best means to create a smart group that will allow me to group systems by Release names? Ultimately I need to quickly identify which systems are affected by the latest CVE (i.e 2022-22675). Currently I am creating new smart groups with each new zero day but I know there has to be a better way.

user-IUsJxvLxeb · ‎05-19-2022

Thank you I had not seen that option.

View solution in original post

stevewood · ‎05-19-2022

If you're most interested in which builds remediate a CVE, you probably want to use the build number since older macOS releases do not change their version numbers when security updates are posted. You get the lists of build numbers by looking at the Release History section of the Wikipedia page for each release (that's Big Sur in that link).

From there you just build a Smart Group looking for that specific build. For example, the latest build of Big Sur is 20G624 so your Smart Group would look like:

You can add as many build numbers as you want using "Or". If you wanted to capture all devices for Catalina, Big Sur, and Monterey that were on the latest build:

And you can find out about Apple's updates here: https://support.apple.com/en-us/HT201222

user-IUsJxvLxeb · ‎05-19-2022

Thank you.. This would still require me to update the groups based on each CVE release. Is there a way to check for that they are not running the latest build that doesn't require me to modify the criteria on an ongoing basis (similar to what is available in the Patch report functionality). I can determine which devices are not on the latest at will without any manual intervention. I would love to create a smart group based on that report.

stevewood · ‎05-19-2022

If you're using Patch Management titles, you can use the "Latest Version" in a Smart Group:

user-IUsJxvLxeb · ‎05-19-2022

Thank you I had not seen that option.

Jamf Nation Community

Smart Group Creation to align with MacOS Release Names