User Seeking Guidance on Vulnerability Discovery Method in TryHackMe Blue Room

A user is working on the "Blue Room" challenge in TryHackMe, described as an unguided exercise. They identified a system vulnerability (ms-??-???) by running an Nmap scan, determining the operating system, and searching for exploits related to that specific Windows version. The user notes that this particular vulnerability was previously exploited in earlier Metasploit rooms. They are questioning whether their methodology is the intended approach for solving the challenge and are seeking a general strategy for finding vulnerabilities in other systems during penetration testing exercises.