Nexpose release: 5.3 June 6, 2012

Document created by mglinski (Employee) on Jun 5, 2012. Last modified by mglinski (Employee) on Jun 6, 2012.
Version 5

Rapid7 2012-06-06 product and content updates
Release announcement


This Rapid7® Nexpose® 5.3 release includes new features and improvements for credentials, reporting, scan discovery, coverage, usability, and administration.
These release notes document what's new in this Nexpose release. Your Nexpose installation will automatically download and install content updates. If you have enabled Nexpose to install product updates, it will do so as well. See the third FAQ.


Thanks for choosing Nexpose!

In release 5.3, Rapid7 continues our commitment to delivering a great product to you. This release includes shared credential management, CyberScope reports, and numerous other enhancements and fixes that we are excited to deliver. In terms of coverage, we released checks for more than 1,700 vulnerabilities since the 5.2 release. Please, keep the feedback coming!

Eric Reiners
Director of Engineering, Rapid7

Remember to clear your browser cache after applying this update!

If your maintenance routine includes making backups, create a new one after upgrading to this release in order to ensure that you have the latest configuration and data captured.

Credential management | product


Shared credentials simplify scan authentication configuration

You can now create and manage scan credentials that can be used in multiple sites. This is useful if you need to perform authenticated scans on multiple assets that require the same credentials. For example, your organization's security policy may require a set of credentials to change every 90 days. You can edit that set in one place and apply the changes to every site where those credentials are used. This eliminates the need to change the credentials in every site, one-by-one.


Reporting | product


CyberScope format simplifies reporting for federal agencies

With the new CyberScope XML Export format, federal agencies can now quickly and easily fulfill their requirement to submit monthly FISMA security reports to the U.S. Office of Management and Budget (OMB).

Configuring a CyberScope report is simple. When creating a report in the Web interface, select the CyberScope format. Enter the Component, Bureau, and Enclave, according to guidelines specified in the CyberScope Automated Data Feeds Submission Manual published by the OMB. For more information on the supported CyberScope version, go to


NOTE: The CyberScope format is only available with Nexpose Federal Edition and a license that enables FDCC or USGCB scanning. To discuss pricing and upgrade options, please contact Rapid7.


Administration and general usability | product

Scan template configuration features improved discovery performance settings

Scan templates feature a dedicated discovery performance page and improved discovery performance tuning. When configuring a scan template, you can use convenient, new slider controls to adjust discovery settings. During the discovery phase of scans, performance is adjusted for better accuracy based on environment conditions and scan template configuration.



Update process is improved

The update process has been improved in the following ways:

  • Enhanced logging for update-related events provides better monitoring and diagnostics.
  • The update process handles issues such as power outages and insufficient disk space more gracefully.
  • Failed updates no longer result in lost access to the application. You can continue to perform normal operations.

Other usability and maintenance improvements

  • CSV exports no longer fail when MAC addresses are incorrectly formatted.
  • A defect that prevented reports from being edited in Internet Explorer 7 has been corrected.
  • The Manage Engines page now provides more responsive feedback on Scan Engine status.
  • An issue that prevented the editing of some site configurations has been corrected.
  • You can now view the scan history for sites that have been assigned to a Scan Engine pool.
  • The maximum file size for nsc.log has increased from 10MB to 100MB to capture more information for troubleshooting and tracking of system activity.

Scanning and coverage | product

Improvements to scanning and coverage provide better tracking of security issues

  • Scan Engines on all supported platforms can now handle changes to their network interfaces, such as their hosts suspending, hibernating, or changing their IP addresses.
  • New checks are available for the following security threats:
    • a vulnerability in Microsoft Remote Desktop, as reported in Microsoft Security Bulletin MS12-020
    • the SubSeven remote-administration trojan

Web scanning | content

Web scanner features better use of session credentials

The Web scanner's use of HTTP session credentials has been improved for better authentication on target Web applications.

System requirements | product

  • Mozilla has ended support for Firefox 3.6 and has advised users that continued use of Firefox 3.6 poses a significant security risk. Therefore, support for both Firefox 3.5 and 3.6 is discontinued, effective immediately. Going forward, the versions covered by the current Mozilla Extended Support Release (ESR) will be supported.
  • You can now run the application on VMware ESXi 5.0.

Environment file update | product

The NeXposeEnvironment.env file has been modified as part of this release.

Documentation | product

A number of documentation improvements make it easier for you to find the information you need:

  • The API 1.1 and 1.2 guides have been consolidated into one document. The new guide explains in detail how the two API versions are different: They support different subsets of features and are validated differently. The guide also provides easier navigation, via PDF hyperlinks, to the calls that are included in each version. Additionally, headings for API 1.2 attributes and elements are presented in a "breadcrumb" format so that you can correlate these attributes and headings with their specific APIs for better context. As of this release, the individual API 1.1 and 1.2 guides are no longer available.
  • The Appliance guides for the Scan Engine and Security Console have been consolidated into one document, which explains the difference between the two components and how to determine which type of Appliance you have. As of this release, the individual Scan Engine and Security Console Appliance guides are no longer available.
  • The user's guide has been expanded to include content on vAsset discovery, scan template customization, and other operations that help you discover and assess your security environment. This additional content previously appeared in the administrator's guide, which has been edited to address operations that are specific to administration, such as deployment, user and role provisioning, maintenance, and troubleshooting.

All documents can be downloaded from the Support page in the Web interface.

Security content updates since 5.2

  • We have released checks for more than 1,700 vulnerabilities since the 5.2 release.
  • The list of bi-monthly vulnerability check updates includes: Adobe (AIR, Flash, Reader, Shockwave), Apache, Apple (iTunes, Java, OS X, QuickTime, Safari), Bind, CentOS, Cisco Devices, Google Chrome running on Linux, Microsoft Windows, Apple OS X, IBM AIX, Java Runtime Environment, Microsoft Silverlight for Apple OS X targets, Mozilla (Firefox, SeaMonkey, Thunderbird), OpenSSL, Oracle Linux, PHP, Red Hat Enterprise Linux, Solaris, and VMware.
  • Since the 5.2 release, new or expanded vulnerability checks have been created for the following programs:
    • Adobe AIR
    • Google Chrome running on Linux, Microsoft Windows, and Apple OS X
    • Microsoft Silverlight for Apple OS X targets
  • Other check improvements since 5.2 include the following:
    • A vulnerability check for improperly secured WebDAV servers now properly concludes.
    • The Symantec Endpoint Protection DAT version is now detected and reported in the software listing for all systems running SEP.
  • In total, Nexpose now performs more than 88,500 checks for more than 29,700 vulnerabilities.

Product update IDs

  • Linux 32 | Update ID: 3135666527
  • Linux 64 | Update ID: 110168100
  • Windows 32 | Update ID: 2443132621
  • Windows 64 | Update ID: 3814088658

Content update IDs

  • Update ID: 664297268


Released on June 6, 2012.

md5sum files

Download the appropriate md5sum file to ensure that the installer was not corrupted during download:

Frequently asked questions (FAQs)

  1. How will I know Nexpose has updated with this specific release?
    All updates are listed on the News page of the Nexpose Security Console Web interface.
  2. Why doesn’t the most recent date on the News page match the dates of the current updates on the Administration page?
    You may occasionally notice that the most recent date on the News page does not match the dates of the current updates listed on the Nexpose Security Console administration page. The dates on the News page are official release dates. The dates on the console page indicate when updates were actually applied to your Nexpose installation.
  3. Does dynamic self-updating cause Nexpose to restart?
    Yes. You may notice Nexpose taking longer to start for the first time after installation. You may also notice it restarting more than once as it completes a required sequence of updates.
  4. When will Nexpose restart?
    Nexpose will install the updates in the background if scans are currently running and will restart automatically when the scans complete. If you receive error messages after installing updates, stop or pause any scans and restart Nexpose.
  5. What are content updates, and what are product updates?
    Content updates include new checks for vulnerabilities, patch verification, and compliance with security policies. Product updates include performance improvements, bug fixes, and new features in Nexpose.
  6. Why are installers not updated with every release?
    To help you stay on top of an ever-growing number of security threats, Rapid7 makes the delivery of new security content timely and convenient. After installation and first-time start-up, Nexpose continues to update itself dynamically. This makes it unnecessary for Rapid7 to update installers with every release of security content. So, you don't have to download installers every time new content is available.
  7. How can I obtain more information about this release?
    If you have purchased Nexpose, contact our Technical Support Team at If you are using the Community version of Nexpose, go to
  8. Where can I find announcements for previous releases?
    You can find all release announcements in the Rapid7 Community at nts.