DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions. 
Response to Arguments
Applicant’s remarks filed on 11/16/2022 have been fully considered, therefore, see the office action below. 
The examiner will respond to all other remarks that do not concern the prior art rejections, if any, in the office action below.  
Response to Amendment
Status of the instant application:
Claim[s] 6 – 10, 13 – 18 have been cancelled in response hereto. 
Regarding claim[s] 1 – 5, 11, 12, 19 are pending in the instant application. 
Regarding claim[s] 12 under the objection for proper grammatical punctuation, applicant’s claim amendment has been inspected, therefore, the objection is withdrawn. 
Regarding claim[s] 1, 13, under the interpretation– means plus function, applicant’s cancellation of the means plus function claim language has been considered, therefore, the interpretation is withdrawn.  
Regarding claim[s] 1, 6, 13, under the rejection for indefiniteness – means plus function, the filed specification lacks structure/hardware and nexus of functional claim language to such structure/hardware, applicant’s cancellation of such claim language has been inspected, therefore, the rejection is withdrawn. 
Regarding claim[s] 1 – 18 under the non – statutory obvious type double patenting rejection, applicant’s e-terminal disclaimer was filed and approved on 11/16/2022. Therefore, the rejection is withdrawn. 
Regarding claim[s] 19, this is a newly added claim and is addressed in the office action below. 
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/16/2022 was filed after the mailing date of the non-final rejection on 06/16/2022.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of pre-AIA  35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed in the United States before the invention by the applicant for patent or (2) a patent granted on an application for patent by another filed in the United States before the invention by the applicant for patent, except that an international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this subsection of an application filed in the United States only if the international application designated the United States and was published under Article 21(2) of such treaty in the English language.

Claim(s) 19 is/are rejected under pre-AIA  35 U.S.C. 102(e) as being taught by Banzhof [US PGPUB # 2003/0126472]
As per claim 19. Banzhof does teach a non-transitory computer-readable media storing instructions that, when executed by at least one processor of a system [Banzhof, paragraph: 0010, In another embodiment, computer-readable media tangibly embodying a program of instructions executable by a computer to perform a process for resolving vulnerabilities in a computer comprises aggregating vulnerability information on a plurality of computer vulnerabilities; constructing a remediation database of said plurality of computer vulnerabilities; constructing a remediation signature to address a computer vulnerability; and deploying said remediation signature to a client computer.], causes the system to:
	access at least one data structure identifying a plurality of mitigation techniques that mitigate effects of attacks that take advantage of vulnerabilities [Banzhof, paragraph: 0024, In this embodiment, it is also contemplated that the client server 22 will keep a profile of the client computers 26 coupled thereto. The profile of the client computers 26 essentially records or logs the system information relating to the client computers 26. Primarily, the profile contains information regarding remediation performed on the client computer 26. It is contemplated, however, that the profile might also contain information regarding the formatting of the client computer 26, the software applications and versions running on the computer 26, etc., which might be helpful in managing security issues on the subject computer. By comparing the computer profiles with the vulnerability and remediation information downloaded from the flash server 20, the client server 22 can track what remediation may be required for each client computer 26. In addition, the client server 22 can manage the vulnerability resolution process for each client computer 26. For instance, the client server 22, or security or IT personnel via the server, could select which remediation signatures should be deployed to each client computer 26, or which vulnerabilities should or should not be addressed. In addition, vulnerability resolution can be managed by scheduling the various resolution events. For instance, when and how often the client computers 26 are scanned for vulnerabilities can be scheduled, as well as the timing of the deployment of the remediation signatures to address those vulnerabilities.], where:
	one or more of the plurality of mitigation techniques is identified based on an identification of an operating system, each mitigation technique is capable of mitigating an effect of an attack that takes advantage of a corresponding vulnerability [Banzhof, paragraph: 0024, In this embodiment, it is also contemplated that the client server 22 will keep a profile of the client computers 26 coupled thereto. The profile of the client computers 26 essentially records or logs the system information relating to the client computers 26. Primarily, the profile contains information regarding remediation performed on the client computer 26. It is contemplated, however, that the profile might also contain information regarding the formatting of the client computer 26, the software applications and versions running on the computer 26, etc., which might be helpful in managing security issues on the subject computer. By comparing the computer profiles with the vulnerability and remediation information downloaded from the flash server 20, the client server 22 can track what remediation may be required for each client computer 26. In addition, the client server 22 can manage the vulnerability resolution process for each client computer 26. For instance, the client server 22, or security or IT personnel via the server, could select which remediation signatures should be deployed to each client computer 26, or which vulnerabilities should or should not be addressed.], and
	each mitigation technique has a mitigation type including at least one of a patch, a policy setting, or a configuration option [Banzhof, paragraph: 0020, In addition, the remediation server 12 uses a signature module 18 to generate remediation signatures for the vulnerabilities. Typically, a remediation signature is a list of actions taken to address or resolve a vulnerability. In this embodiment, the remediation signatures include the following types of remediation actions: service management, registry management, security permissions management, account management, policy management, audit management, file management, process management, as well as service pack, hot fix and patch installation. These types of remediation actions are generally known in the computer security industry];
	receive information in connection with at least one of a plurality of devices [Banzhof, paragraph: 0019, In the operation of the system 10, the remediation server 12 obtains information relating to computer security vulnerabilities from the intelligence agents 14. The import module 15 provides the necessary interface between the remediation server 12 and the various intelligence agents having such information. Examples of intelligence agents include: ISS Internet Scanner, QualysGuard, Nessus, Eeye, Harris, Retina, Microsoft's hfNetCheck, and others. The vulnerability information may come in many forms from these agents. Two such forms include 1) general information from security intelligence organizations relating to known security vulnerabilities, such as vulnerabilities in widespread software applications like Microsoft Windows; and 2) specific information from scanning services relating to specific vulnerabilities found during a security scan of a client's computer or computer system 26. The remediation server 12 aggregates the vulnerability information obtained, from whatever source, into a remediation database 16. While aggregating the information into the database 16, the remediation server 12 may manipulate the information in many ways. For example, the server 12 may strip unnecessary information out, may sort the information into related vulnerabilities or otherwise, may remove duplicate information, may identify or associate certain related vulnerabilities, etc.];
	identify an attack on the at least one device that takes advantage of at least one of the vulnerabilities, based on the information [Banzhof, paragraph: 0019, In the operation of the system 10, the remediation server 12 obtains information relating to computer security vulnerabilities from the intelligence agents 14. The import module 15 provides the necessary interface between the remediation server 12 and the various intelligence agents having such information. Examples of intelligence agents include: ISS Internet Scanner, QualysGuard, Nessus, Eeye, Harris, Retina, Microsoft's hfNetCheck, and others. The vulnerability information may come in many forms from these agents. Two such forms include 1) general information from security intelligence organizations relating to known security vulnerabilities, such as vulnerabilities in widespread software applications like Microsoft Windows; ]; and
	automatically apply at least two of the plurality of mitigation techniques including at least one first mitigation technique of a first mitigation type and at least one second mitigation technique of a second mitigation type to the at least one device, for mitigating an effect of the attack on the at least one device that takes advantage of the at least one vulnerability, by preventing the attack from taking advantage of the at least one vulnerability [Banzhof, Figure # 3, and paragraph: 0029, lines 1 – 27,  FIG. 3 is a flow chart illustrating an overview of an embodiment of a computer vulnerability remediation process in accordance with the present invention. The remediation process 60 begins with vulnerability assessment in box 61. Vulnerability assessment comprises using automated assessment tools and audit processes, intelligence agents, to verify the existence of known vulnerabilities on a given computer or computer network. This assessment process may also include device discovery; that is, the mapping of network and subnetwork components to be assessed and identifying the devices that will be targeted for vulnerability assessment. In box 62, the vulnerability information is imported or aggregated in the system, typically in a remediation database, and remediation signatures can be constructed to address the identified vulnerabilities. As noted, the remediation signatures are typically associated with the corresponding vulnerabilities in the remediation database. The vulnerability information is then reviewed in box 63. The review process typically includes analyzing the vulnerability information to prioritize and identify vulnerabilities for remediation, as well as acceptable risks (i.e., where no remediation is required). As indicated in box 64, the remediation can then be scheduled to occur when, where, and how desired. This allows the remediation to occur in off-peak times to reduce interference with normal computer operations, on only the identified target computers, and in the manner desired.  Where further of Banzhof, at paragraph: 0021, lines 1 – 4, A remediation signature may address one or more vulnerabilities. For clarity of explanation, however, it will be assumed that in this embodiment each remediation signature addresses a single vulnerability or type of vulnerability.], where the at least one first mitigation technique of the first mitigation type and the at least one second mitigation technique of the second mitigation type utilize different underlying security technology types that are both supported by a same system component that is capable of identifying the attack and preventing the attack from taking advantage of the at least one vulnerability after the at least two mitigation techniques are automatically applied [Banzhof, Figure #1 and paragraph: 0020, In addition, the remediation server 12 uses a signature module 18 to generate remediation signatures for the vulnerabilities. Typically, a remediation signature is a list of actions taken to address or resolve a vulnerability. In this embodiment, the remediation signatures include the following types of remediation actions: service management, registry management, security permissions management, account management, policy management, audit management, file management, process management, as well as service pack, hot fix and patch installation. These types of remediation actions are generally known in the computer security industry. Where at Banzhof, Figure #2 and paragraph: 0026, FIG. 2 is a block diagram providing another illustration of an embodiment of a vulnerability resolution system 30 in accordance with the present invention. More particularly, FIG. 2 provides another way to visualize the architecture of a vulnerability system in accordance with the present invention. As shown in FIG. 2, the architecture of this embodiment of the vulnerability system 30 generally comprises an aggregation section 31 and a remediation section 32. The aggregation section 31 of the architecture is essentially responsible for obtaining and aggregating the computer security vulnerability information while the remediation section 32 is essentially responsible for constructing remediation signatures for the identified vulnerabilities and deploying those remediations to client computers in a managed and automated manner.].
Allowable Subject Matter
Claim[s] 1 – 5, 11, 12 contains allowable subject matter, but as allowable subject matter has been indicated, applicant's reply must either comply with all formal requirements or specifically traverse each requirement not complied with.  See 37 CFR 1.111(b) and MPEP § 707.07(a).
***A reasons for allowance will be written in the next subsequent office action once the formal requirements herein have been overcome. 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
	Willebeek – LeMair, who does teach An intrusion detection functionality  analyzes the network traffic to identify whether the content transmitted from other network is harmful to the network. 
	Hines, who does teach he patch files comprising descriptive data for patches, useful for correcting bugs in the computer system, are accessed and processed to create a patch search set comprising the patches of the files configured for use with installed packages
	Shostack, who does teach automatically providing enhancements to computer security software whenever the enhancement becomes available. In another aspect, the invention relates to an integrated system for assessing security vulnerabilities of a computer and/or a computer network.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
/DANT B SHAIFER HARRIMAN/          Primary Examiner, Art Unit 2434