Nexpose release notes for July, 2015

Document created by mglinski Employee on Jun 30, 2015. Last modified by S Tempest on Sep 8, 2015.
Version 14

To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. Product IDs and installer links are added the day of the release. This page contains detailed announcements for the most recent Nexpose coverage releases:


This Rapid7® Nexpose® 5.16.0 release contains:

                                 
  • database update notification
  • application improvements
  • coverage improvement and recurring coverage

Database update notification

                           

Upgrade your database to the latest version of PostgreSQL by August 27, 2015, to prepare you for future product updates. View the notification in the Security Console for a link to the migration utility. Watch a video for detailed instructions on how to upgrade the database.

Have you tuned your Nexpose database?

           

Tuning your Nexpose database is an important best practice to ensure optimal performance for new features and core Nexpose operations, such as integrating scan data and generating reports. After you upgrade your database to the latest version (see preceding note), make sure to tune your PostgreSQL settings. See the section Tuned PostgreSQL settings in the Nexpose Administrator's Guide, which you can download from the Rapid7 community.

Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

    • You can now make it more difficult for would-be attackers to brute-force or guess Security Console passwords by setting user password policies for size, complexity, and expiration. This improvement also makes it easier to enforce password security controls in your organization.

    • If you develop custom fingerprints, you can have the Security Console distribute them automatically to any paired Scan Engine that is currently in use when a scan is run. It's as easy as copying files into a directory on the Security Console host machine, and you do not have to restart the console or engine. This simplifies and speeds up the process of scanning with custom fingerprints.
    • If you run manual scans, you can now select any available scan template when starting these scans, instead of being restricted to use the template that is designated in the site configuration. This gives you the flexibility to change scan settings "on the fly" to check for specific security issues, such as a zero-day vulnerability.

  • If you are installing a distributed Scan Engine and need to initiate engine/console communication from the engine, you can now pair the engine to the console during the installation process. The installation wizard now includes simple steps for pairing to make it more efficient to deploy Scan Engines.
  • You can now include information on mobile devices in reports based on SQL queries with version 2.0.1 of the Reporting Data Model. This expands your reporting coverage for mobile devices, enabling your organization to track and prioritize security issues with them more easily.
  • Scans are no longer delayed from completing due to an internal task that updates asset information. If you run scans continuously, this allows you to view, and work with, scan results more quickly, so you can take remediating actions.

Coverage improvement | content

            

New coverage expands your visibility into assets and threats in your environment:

  • If your organization has assets running on the Oracle Solaris 10 operating system, you can make sure these assets comply with Center for Internet Security (CIS) policies. Expand your configuration assessment coverage by running policy scans and reports on Solaris 10 targets.

Recurring coverage | content

  • New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

Product Update IDs

  • Linux 64 | Update ID: 271675726
  • Windows 64 | Update ID: 3602925655

Content update ID

  • Update ID: 16412138

This Rapid7® Nexpose® 5.15.4 release contains:

  • database update notification
  • coverage improvements and recurring coverage
  • application improvements
  • accuracy improvements

 

Database update notification

Upgrade your database to the latest version of PostgreSQL by August 27, 2015, to prepare you for future product updates. View the notification in the Security Console for a link to the migration utility. Watch a video for detailed instructions on how to upgrade the database.


Have you tuned your Nexpose database?

Tuning your Nexpose database is an important best practice to ensure optimal performance for new features and core Nexpose operations, such as integrating scan data and generating reports. After you upgrade your database to the latest version (see preceding note), make sure to tune your PostgreSQL settings. See the section Tuned PostgreSQL settings in the Nexpose Administrator's Guide, which you can download from the Rapid7 community.


Coverage improvement | content

New coverage expands your visibility into assets and threats in your environment:

  • New coverage verifies that Microsoft's patch for the vulnerability announced in its out-of-band MS15-078 security bulletin (July 20, 2015) has been applied to relevant assets in your environment. This helps you ensure protection against the threat of remote code execution through a security flaw in Microsoft Font Driver.


Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We have fixed an issue to ensure that scheduled scans always start when a maximum duration is set and the schedule is configured to repeat. If you use scheduling in your sites, this fix improves your scan continuity.
  • The Security Console now continuously tracks new and removed virtual machines discovered through a vSphere connection, even if the console goes temporarily offline during changes in the vSphere environment. If you use Dynamic Discovery, this improvement ensures that your connection always provides the most up-to-date asset information.


Accuracy improvements | content & product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have corrected an issue that sometimes caused false positive or false negative results with checks for the following vulnerabilities:
    • CVE-2002-0653
    • CVE-2005-3392
    • CVE-2007-2897
    • CVE-2002-0082
    • CVE-2007-0041
    • CVE-2007-0042
    • CVE-2007-0043
    • CVE-2009-1536
  • Fingerprinting of Microsoft SharePoint is now more accurate, so that you can keep better track of which versions are running in your environment and manage them accordingly.
  • Checks involving a remote execution test now return accurate results instead of "ERROR" results when targets respond with no data.
  • Scans that exceed a certain time limit on assets running Windows Management Instrumentation (WMI) now return actual check results instead of "ERROR" results, so that you can identify any security flaws with these assets.


Recurring coverage | content

  • New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.


Product Update IDs

  • Linux 64 | Update ID: 13519641
  • Windows 64 | Update ID: 3649876537


Content update ID

  • Update ID: 528414858


Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 


This Rapid7® Nexpose® 5.15.3 release contains:

                 
  • database update notification
  • Patch Tuesday coverage
  • application improvement
  • coverage improvements
  • recurring coverage updates

Database update notification

           

Upgrade your database to the latest version of PostgreSQL by August 27, 2015, to prepare you for future product updates. View the notification in the Security Console for a link to the migration utility. Watch a video for detailed instructions on how to upgrade the database.


Have you tuned your Nexpose database?

Tuning your Nexpose database is an important best practice to ensure optimal performance for new features and core Nexpose operations, such as integrating scan data and generating reports. After you upgrade your database to the latest version (see preceding note), make sure to tune your PostgreSQL settings. See the section Tuned PostgreSQL settings in the Nexpose Administrator's Guide, which you can download from the Rapid7 community.


July 2015 Patch Tuesday coverage | content 

Coverage for July Patch Tuesday exposures: New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for July 2015. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for July 2015. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.


Application improvement | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • For customers whose Scan Engines have been updated to a later content version than the Security Console, we have corrected an issue that prevented the proper importing of scan data in that situation.

Coverage improvements | content

New coverage expands your visibility into assets and threats in your environment:

  • Microsoft Windows Server 2003 has reached end of life. For customers who may still have some assets running this operating system, those assets will now be reported with a security vulnerability for an obsolete operating system, since patches will no longer be released for this OS.
  • For customers with Microsoft Windows 10 in their environment, we have added fingerprinting so that assets running that operating system can now be detected and accurately reported upon.
  • For customers using the built-in United States Government Configuration Baseline (USGCB) scan template, it has been updated to include the latest iterations of USGCB's SCAP 1.2 content, so you can run checks that cover the most recent policy updates.

 

Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

                                       

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


Product Update IDs

  • Linux 64 | Update ID: 3560461593
  • Windows 64 | Update ID: 2198069758

 

Content update

  • Update ID: 5319848

This Rapid7® Nexpose® 5.15.2 release contains:

               
  • database update notification
  • application improvements
  • content improvement
  • recurring coverage updates

 

Database update notification

         

Upgrade your database to the latest version of PostgreSQL by August 27, 2015, to prepare you for future product updates. View the notification in the Security Console for a link to the migration utility. Watch a video for detailed instructions on how to upgrade the database.

Have you tuned your Nexpose database?

Tuning your Nexpose database is an important best practice to ensure optimal performance for new features and core Nexpose operations, such as integrating scan data and generating reports. After you upgrade your database to the latest version (see preceding note), make sure to tune your PostgreSQL settings. See the section Tuned PostgreSQL settings in the Nexpose Administrator's Guide, which you can download from the Rapid7 community.

Application improvements | product & content

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We have improved memory usage for SQL Query Export reports.
  • The proof sections in check results for default account usage now correctly indicate the credentials used for authentication during the scan.
  • Text for Microsoft vulnerability descriptions and solutions now displays correctly in non-English languages.
  • Malformed custom vulnerability content no longer causes the Security Console to go into maintenance mode.
  • The Security Console web server now supports chained X.509 certificates that require intermediary Certificate Authority certificates. You can import these certificates using the Web Server page of the Security Console Configuration panel. For internal Certificate Authority usage, be sure to import your root certificate via Manage Root Certificates on the Administration page.

Coverage improvement | content

New coverage expands your visibility into assets and threats in your environment:

  • Unauthenticated coverage has been added for the following HP Data Protector vulnerabilities:
    • CVE-2011-0921
    • CVE-2011-0922
    • CVE-2011-0923
    • CVE-2011-0924
    • CVE-2011-1514
    • CVE-2011-1515
    • CVE-2011-1728
    • CVE-2011-1729
    • CVE-2011-1730
    • CVE-2011-1731
    • CVE-2011-1732
    • CVE-2011-1733
    • CVE-2011-1734
    • CVE-2011-1735
    • CVE-2011-1736
    • CVE-2011-1864
    • CVE-2011-1865
    • CVE-2011-1866
    • CVE-2013-2324
    • CVE-2013-2325
    • CVE-2013-2326
    • CVE-2013-2327
    • CVE-2013-2328
    • CVE-2013-2329
    • CVE-2013-2330
    • CVE-2013-2331
    • CVE-2013-2332
    • CVE-2013-2333
    • CVE-2013-2334
    • CVE-2013-2335
    • CVE-2013-2344
    • CVE-2013-2345
    • CVE-2013-2346
    • CVE-2013-2347
    • CVE-2013-2348
    • CVE-2013-2349
    • CVE-2013-2350
    • CVE-2013-6194
    • CVE-2013-6195
    • CVE-2015-2116

Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

                                   

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

Product Update IDs

  • Linux 64 | Update ID: 3319461786
  • Windows 64 | Update ID: 4262674395

Content update

  • Update ID: 41273573

This Rapid7® Nexpose® 5.15.1 release contains:         

  • database update notification
  • application improvements
  • accuracy improvement
  • recurring coverage updates


Database update notification       

Upgrade your database to the latest version of PostgreSQL by August 27, 2015, to prepare you for future product updates. View the notification in the Security Console for a link to the migration utility. Watch a video for detailed instructions on how to upgrade the database.


Have you tuned your Nexpose database?

Tuning your Nexpose database is an important best practice to ensure optimal performance for new features and core Nexpose operations, such as integrating scan data and generating reports. After you upgrade your database to the latest version (see preceding note), make sure to tune your PostgreSQL settings. See the section Tuned PostgreSQL settings in the Nexpose Administrator's Guide, which you can download from the Rapid7 community.


Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • The proof sections in check results for default account usage now correctly indicate the credentials used for authentication during the scan.
  • The Top Remediations report no longer displays duplicate solutions.


Accuracy improvement | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • An issue that caused inaccurate results for CVE-2014-7187 in some situations has been resolved.

 

Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

                             

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


Product Update IDs

  • Linux 64 | Update ID: 3539983638
  • Windows 64 | Update ID: 3973249972


Content update

  • Update ID: 42912817
