Qualys has added a new reporting feature to its vulnerability management service that helps IT staff work out which Microsoft patches to apply and in what order.

Patch Report is primarily an analysis tool for understanding which Microsoft vulnerabilities are being addressed by which patches, with an overview of which have been applied in the past and when. It also gives non-security staff an understandable historical view of the whole vulnerability and patching environment.

The feature is currently directed at helping customers deal with a morass of new, recent and old Microsoft applications, but it will imminently be extended to cover another patching favourite, Adobe. Other vendors and applications – including Linux, Red Hat - would be added over time, the company said.

“At the request of our customers, we built this new Patch Report so they can provide their counterparts in operations with a meaningful, task-oriented, “out-of-the-box” remediation plan,” said Qualys CEO, Philippe Courtot.

IT staff in any department could use the tool to generate ‘actionable’ patching plans, which would reduce the need for redundant patching, he said.