Vulnerable endpoint: how to manage it?


I've installed the protection on 23 devices. On some of them there is an exclamation point which means vulnerability because the "security content is out of date".

What am I supposed to do? There is a way to invite the devices' users to update the security content? What is the way to do it automatically through the policy? What is the section and voice of the policy I have to modify?

Thank you for your support!