Nexpose weekly release notes

Version 496

    To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. Product IDs and installer links are added the day of the release. This page contains detailed announcements for the most recent Nexpose coverage releases:


      

       

    This Rapid7® Nexpose® 5.12.10 release contains:

    Application improvements | product

    Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

    • An issue that caused the Instances column to disappear from the Vulnerabilities table when filters were applied has been corrected.
    • An issue that could delay scan integration during nightly recalculation has been corrected.
    • The newly renamed Site Scan Summary table now displays correlated assets in the Active Assets column. This more accurately reflects the number of assets found in the most recent scan. The table was previously called Site Summary.
                                                        

    Scanning improvements | content


    Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

    • We have corrected an issue that prevented some SMTP vulnerability checks from being executed on scan targets that use the STARTTLS extension to plain text communication protocols.
                                                            

    Recurring coverage | content

                                                          

    New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

     

    Installer links, md5sum links, and virtual appliance links


    Click here for the latest installer links, md5sum links, and virtual appliance links.

    FAQ


    For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.

      

    Product Update IDs

        

    • Linux 64 | Update ID: 2931180246
    • Windows 64 | Update ID: 730061955

                

    Content update

      

    • Update ID: 1149573419

                          


     

       

    This Rapid7® Nexpose® 5.12.9 release contains:

     

    Application improvements | product


    Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

    • An issue that caused some vSphere assets to be excluded from Dynamic Discovery has been corrected.
    • The tables on the Assets page are now HTML tables, so you can easily copy displayed information and paste it into other applications.                                       
                                                  

    Recurring coverage | content

                                                

    New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

     

    Installer links, md5sum links, and virtual appliance links


    Click here for the latest installer links, md5sum links, and virtual appliance links.

    FAQ


    For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.

     

    Product Update IDs

     

    • Linux 64 | Update ID: 207374250
    • Windows 64 | Update ID: 414255075

      

    Content update

     

    • Update ID: 1602268934

                


       

     

    This Rapid7® Nexpose® 5.12.8 release contains:

     

    March Patch Tuesday checks | content


    New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for March 2015. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.


    These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and help minimize risk.


    Application improvements | product


    Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

    • An issue that prevented the sending of diagnostic log files to Technical Support has been corrected.
    • An issue that prevented the Tagged Assets hyperlink from appearing in the Web interface when the number of tagged assets exceeded 999 has been corrected.
    • An issue that could prevent vulnerability exceptions applied to assets from appearing on asset details pages has been corrected.
                                    

    Coverage improvements | content


    New coverage expands your visibility into assets and threats in your environment:

    • New, unauthenticated vulnerability coverage detects servers supporting RSA export-grade ciphers. This helps to mitigate the FREAK TLS vulnerability.
    • New coverage detects Komodia Redirector SSL/TLS interception, which is related to Superfish adware attacks and other security issues.
                                          

    Recurring coverage | content

                                        

    New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

     

    Installer links, md5sum links, and virtual appliance links


    Click here for the latest installer links, md5sum links, and virtual appliance links.


    FAQ


    For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.

     

    Product Update IDs

     

    • Linux 64 | Update ID: 4137467488
    • Windows 64 | Update ID: 364077760

     

    Content update

     

    • Update ID: 1724896631

      


       

     

    This Rapid7® Nexpose® 5.12.7 release contains:

    Application improvement | product


    Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

    • We have corrected an issue that could prevent asset information from updating during scans for some assets. The cause was a defect that created duplicate asset information in certain situations for a limited number of customers.
                          

    Scanning improvement | product


    Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

    • Unauthenticated scans on the engine's local network now capture MAC addresses.
                                

    Recurring coverage | content

                              

    New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

     

    Installer links, md5sum links, and virtual appliance links


    Click here for the latest installer links, md5sum links, and virtual appliance links.

    FAQ


    For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.

     

    Product Update IDs

     

    • Linux 64 | Update ID: 469898168
    • Windows 64 | Update ID: 2710086389

     

    Content update

     

    • Update ID: 2143001770