Currently, my company is manually looking up our software packages on the National Vulnerability Database website (nvd.nist.gov). We are then taking that list of software that has vulnerabilities and writing SQL Queries into our Microsoft (SMS) Systems Management Server database to find out which clients have which software versions that contain vulnerabilities. We then have to create a .MSI file with the latest version of the software without the vulnerability and push it out to clients. Our Operating System Patches are handled fine by WSUS via GPO's it's just every other application that presents this tedious process. Is there some kind of better product or method that would allow us to streamline this process?