[ bonus points - that's got to be the biggest post title yet :-) ]
An SBS 2011 server, all patched up with the latest Microsoft Update fixes failed a Trustwave PCI security scan. When we looked at the detail most of the fail points were around SharePoint vulnerabilities.
Looking at the SharePoint Central Administration console, the Health Analyzer was throwing up warnings about out of date databases and upgrades required. they're no entirely straightforward because there's a difference between content databases and other databases.
With SharePoint updates you do need to run the upgrade tool sometimes after Microsoft Updates have been loaded, to get the database to upgrade too.
Start a Command Shell with administrative rights (or the SharePoint PowerShell) and run this command;
PSConfig.exe -cmd upgrade -inplace b2b -force -cmd applicationcontent -install -cmd installfeatures
That cleared all but one of the Health Analyzer warnings for us. The remaining one was the "WSS_Search SPSearchDatabase Database is too old" or more strictly, WSS_Search_
servername. We had trouble tracking down that database GUID to issue a PS upgrade, as mentioned on the Technet forum.
Restarting services and rebooting didn't seem to clear either. The only info we could Google was the upgrade command above. In the end, having run the command repeatedly, the database upgraded and the warning cleared. It appeared to take 2-3 repeats of that command before WSS_Search was up to date.
Let you know about the PCI re-scan, I've just requested it ...