Nexpose weekly release notes for May 2015

Document created by S Tempest Employee on Jun 5, 2015Last modified by mglinski on Jun 25, 2015
Version 4Show Document
  • View in full screen mode

Posted on May 6 2015

 

To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. Product IDs and installer links are added the day of the release. This page contains detailed announcements for the most recent Nexpose coverage releases:


This Rapid7® Nexpose® 5.14.0 release contains:

  • database update notification
  • application improvements
  • scanning improvements

Database update notification

  • Upgrade your database to the latest version of PostgreSQL by August 27, 2015 to prepare you for future product updates. View the notification in the Security Console for a link to the migration utility. See the video for detailed instructions on how to upgrade the database.

Application improvement | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Global Administrators can now configure a custom password policy that applies to all users in an installation.
  • You are no longer required to restart your Scan Engines to load custom fingerprint content. This simplifies the development and testing of custom fingerprints.
  • We have updated the Nmap version to improve scan accuracy and performance, and to resolve defects.
  • You now have the ability to change schedules on a site while another scheduled scan is paused.
  • You can now select whether a distributed Scan Engine or the Security Console initiates communication during scanning operations. Configure this option from the Scan Engines page in the Administrationsection. See the Help for more information.

Scanning improvement | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • Global Administrators can now configure blackouts to pause all scans throughout an installation for a specified time period.
  • Site Managers can now configure blackouts to pause all scans in a site for a specified time period.
  • You can now use the Nexpose API to configure blackouts to pause scans for a specified time period throughout your Nexpose installation or for a specific site.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

Product Update IDs

  • Linux 64 | Update ID: 991627825
  • Windows 64 | Update ID: 3600740373

Content update

    • Update ID: 1406678832

This Rapid7® Nexpose® 5.13.8 release contains:

      • upcoming application improvement notification

Application improvement | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

      • Coming soon: Database upgrade. A future release will include a utility for upgrading your PostgreSQL database to the latest version. As of that release, you will be notified of a time window within which you will need to upgrade the database in order to receive future product updates.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

Product Update IDs

      • Linux 64 | Update ID: 3508647383
      • Windows 64 | Update ID: 3863317007

Content update

      • Update ID: 2661557338

This Rapid7® Nexpose® 5.13.7 release contains:
  • Patch Tuesday checks
  • application improvement
  • accuracy improvement

May Patch Tuesday checks | content

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for May 2015. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for May 2015. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and help minimize risk.

Application improvement | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:
  • We have fixed an issue where the Stopped Scan alert event could not be saved in an alert configuration.

Accuracy improvement | content & product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:
  • An issue that could prevent RC4 cipher algorithms from being detected when a server accepts SSLv2 connections has been resolved.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

Product Update IDs

  • Linux 64 | Update ID: 1728869558
  • Windows 64 | Update ID: 2134112012

Content update

  • Update ID: 66421762

This Rapid7® Nexpose® 5.13.6 release contains:
  • application improvements

Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:
  • We have fixed an issue where reports could fail to generate when running concurrently.
  • We have resolved an issue in the Basic Vulnerability Check Results (CSV) export report that could cause columns to be misaligned when a vulnerability proof is too long.

Scanning improvement | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:
  • Scan Engine memory management for engine pool scans has been improved.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

Product Update IDs

  • Linux 64 | Update ID: 2170186464
  • Windows 64 | Update ID: 949396746

Content update

  • Update ID: 1423737910

 

Attachments

    Outcomes