Tanium is aware of an issue with the Windows Patch Content. Two Tanium Packages Distribute Patch Tools and Scan, and Distribute Patch Tools each refer to a file that contains vulnerability mappings from Mitre. Due to Root Certificate Authority purging, and the behavior of the software library used in the Package File Download tools on the Tanium Server, we are temporarily unable to retrieve this file. The fastest way to resolve for any customer is to make the following change, depicted below, to each Tanium Server's registry:
On Each Tanium Server:
1. Open the Windows Registry (Regedit.exe)
2. Browse to HKEY_LOCAL_MACHINE\Software\Wow6432Node\Tanium\Tanium Server
3. Export the key by right-clicking your mouse pointer on the Tanium Server Key (left hand window) and choosing Export, and Save the key to a file as a backup.
4. From the right pane of the registry editor, modify the String value "TrustedHostList"
5. Append the value cve.mitre.org, to the end of the existing value string. Important note: Be sure to include the trailing comma as shown in the example
6. Login to the Tanium Console and navigate to Authoring->Packages,
7. Locate the Package “Distribute Patch Tools” and select it
8. Right click on the package selection and choose Show Status.
9. From the pop-up display list, locate the file cveData.html click the "re-download" link next to the file name
10. Verify that the file is now Cached—a message should appear in the file list indicating successful caching
11. Perform steps 6 through 10 on the Package named “Distribute Patch Tools and Scan”
This registry modification will become unnecessary in the future. Patch Content will be re-published and the dependency on that server will be eliminated when the new Content is imported to any environment.
Please let your Tanium TAM know if you require any assistance with the workaround described.