Nexpose release notes for June, 2015

Document created by mglinski Employee on Jun 5, 2015Last modified by mglinski Employee on Jun 25, 2015
Version 22Show Document
  • View in full screen mode

To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. Product IDs and installer links are added the day of the release. This page contains detailed announcements for the most recent Nexpose coverage releases:


This Rapid7® Nexpose® 5.15.0 release contains:                           

  • database update notification
  • application improvements
  • accuracy improvements
  • recurring coverage updates


Database update notification

Upgrade your database to the latest version of PostgreSQL by August 27, 2015, to prepare you for future product updates. View the notification in the Security Console for a link to the migration utility. Watch a video for detailed instructions on how to upgrade the database.


Have you tuned your Nexpose database?

Tuning your Nexpose database is an important best practice to ensure optimal performance for new features and core Nexpose operations, such as integrating scan data and generating reports. After you upgrade your database to the latest version (see preceding note) make sure to tune your PostgreSQL settings. See the section Tuned PostgreSQL settings in the Nexpose Administrator's Guide, which you can download from the Rapid7 community.

 

Coverage for Adobe Flash zero-day vulnerability | content

New coverage is available for the Adobe Flash zero-day vulnerability (CVE-2015-3113) reported in Adobe's June 23, 2015, security bulletin.

 

Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • With Rapid7's new AppSpider web application scanning solution, you can now import AppSpider results into your scan data. This allows you to have a central view of the security information about your network assets alongside your web application vulnerability data for more comprehensive assessment and prioritization of remediation. For more information, see the topic Importing AppSpider scan data in the user’s guide or Help. Watch a video.

s_nx_appspider_import.png

  • You can now dynamically discover assets by "listening" for syslog data from a DHCP server. This expands available methods for DHCP data collection to give you a more complete understanding of your risk surface area. For more information, see the topic Managing dynamic discovery of assets in the user’s guide or Help.
  • Getting visibility into an asset as soon as it joins the network is now possible with Infoblox Trinzic DDI. You can now create dynamic discovery connections that integrate directly with DDI to identify new assets as soon as they get DHCP addresses. This option expands your range of available data sources for discovering assets. For more information, see the topic Managing dynamic discovery of assets in the user’s guide or Help. Watch a video.

s_nx_dynamic_discovery_connection_infoblox.png

Accuracy improvements | product           

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Scan logs now report the duration of various scan tasks, making log file analysis and debugging more effective.
  • The remediation steps for the windows-unquoted-search-path-or-element vulnerability are now clearer.
  • The names for Oracle Enterprise Linux vulnerabilities have been adjusted to resolve inaccuracies.


Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

                                    

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


Product Update IDs

  • Linux 64 | Update ID: 2619347831
  • Windows 64 | 4213247849


Content update

  • Update ID: 4084281761




This Rapid7® Nexpose® 5.14.3 release contains:                 

  • database update notification
  • application improvements
  • recurring coverage updates

Database update notification

Upgrade your database to the latest version of PostgreSQL by August 27, 2015, to prepare you for future product updates. View the notification in the Security Console for a link to the migration utility. See the video for detailed instructions on how to upgrade the database.

Have you tuned your Nexpose database?

Tuning your Nexpose database is an important best practice to ensure optimal performance for new features and core Nexpose operations such as integrating scan data and generating reports. After you upgrade your database to the latest version (see preceding note) make sure to tune your PostgreSQL settings. See the section Tuned PostgreSQL settings in the Nexpose Administrator's Guide, which you can download from the Rapid7 community.


Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • A report scheduled to run after a scan completes now includes the most current assets, refreshed as of the scan, that pertain to asset groups and tags that are in the scope of the report. This ensures that stakeholders in your organization can view and act on the most up-to-date asset data within specific business contexts.
  • You can use a new XML format to describe the process of fingerprinting targets for protocols that are not currently supported by the scanner. This expands fingerprinting coverage for increased accuracy.
  • You can now view online Help in Japanese and Simplified Chinese. To change the Help language, click your user name in the upper-right area of the Home page and select User Preferences. On the User Configuration page, select your desired language from the drop-down list labeled Display user interface in. You may need to refresh your browser page the first time that Help displays. PDFs in these languages are also now available in the Nexpose documents section of the Rapid7 Community.


Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.


Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


Product Update IDs

  • Linux 64 | Update ID: 3850358455
  • Windows 64 | Update ID: 2632237631

 

Content update

  • Update ID: 792358473

This Rapid7® Nexpose® 5.14.2 release contains:

 

  • database update notification
  • Patch Tuesday and other coverage improvements
  • application improvements
  • accuracy improvements


Database update notification

  • Upgrade your database to the latest version of PostgreSQL by August 27, 2015, to prepare you for future product updates. View the notification in the Security Console for a link to the migration utility. See the video for detailed instructions on how to upgrade the database.


June 2015 Patch Tuesday coverage | content 

Coverage for June Patch Tuesday exposures: New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for June 2015. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for June 2015. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.


Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • An issue that prevented display of icons and tool tips related to malware, exploits, and Metasploit modules in the Vulnerabilities table has been corrected.
  • We've corrected several issues to ensure that you can delete silos and update silo users in all multi-tenancy deployments.
  • Vulnerability proofs related to Microsoft Office checks are more accurate and specific.


Accuracy improvements | content & product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • The list of PHP vulnerabilities not applicable to Red Hat Enterprise Linux systems has been updated. To override false results for PHP vulnerabilities, enable the vulnerability correlation setting in the Vulnerability Check tab of a scan template, and then scan with that template.
  • Scans can now use information obtained via multicast Domain Name System (mDNS) to fingerprint assets, which improves the accuracy of unauthenticated scans. Due to the nature of mDNS, this information may only be available for Scan Engines on the same subnet or broadcast domain as the scanned assets.

 

Coverage improvements | content

New coverage expands your visibility into assets and threats in your environment:

  • A new check detects the Logjam vulnerability (CVE-2015-4000).
  • You can now fingerprint HP Data Protector without credentials.


Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

            

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


Product Update IDs

  • Linux 64 | Update ID: 931524215
  • Windows 64 | Update ID: 1196686362


Content update

  • Update ID: 611078757

This Rapid7® Nexpose® 5.14.1 release contains:

  • database update notification
  • application improvements
  • accuracy improvements
  • coverage improvement

Database update notification

  • Upgrade your database to the latest version of PostgreSQL by August 27, 2015, to prepare you for future product updates. View the notification in the Security Console for a link to the migration utility. See thevideo for detailed instructions on how to upgrade the database.

Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Interruptions to a scan no longer prevent assets currently being scanned from appearing in theIncomplete Assets table of that scan's progress page.
  • A corrected issue ensures that historical asset data is always retained in the Risk Trends graph on theHome page of the Web interface and in the Executive Overview report.
  • When using SiteSaveRequest API to set up a scan, if you accidentally specify an IP address in the hostelement, the scan will integrate the asset data as an IP address in the Web interface and reports. Previously, the asset would either not appear in the scan data; or reports that included the asset would fail to run.
  • The reporting data model now includes the port and protocol fields in the dim_asset_service_credential view. This makes it easier for you to run queries and reports on the scan authentication status of assets.
  • We corrected an issue in the API where the two addresses of an IP address range would be transposed in the creation of a tag based on the range. This prevented the ability to use the tag.

Accuracy improvements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Fingerprints of VMware ESX(i) now contain more detailed system version and update information.
  • Unauthenticated fingerprinting of Windows operating systems has been improved.

Coverage improvement | content

New coverage expands your visibility into assets and threats in your environment:

  • A new check detects whether the Jenkins Script Console can be accessed without authentication.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

Product Update IDs

  • Linux 64 | Update ID: 2622460361
  • Windows 64 | Update ID: 53487653

Content update

  • Update ID: 2672196785

Attachments

    Outcomes