Nexpose release announcements - April 2015

Document created by mglinski Employee on Jun 25, 2015Last modified by mglinski Employee on Jun 25, 2015
Version 5Show Document
  • View in full screen mode

To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. Product IDs and installer links are added the day of the release. This page contains detailed announcements for the most recent Nexpose coverage releases:


This Rapid7® Nexpose® 5.13.5 release contains:             

  • application improvements
                                                                                                                                                               

Application improvement | product

    

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • An issue that prevents the display of the current Scan Listing and therefore the ability to pause or stop scans in the user interface has been resolved.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


Product Update IDs

  • Linux 64 | Update ID: 459091024
  • Windows 64 | Update ID: 2914237151

This Rapid7® Nexpose® 5.13.4 release contains:             

  • application improvements
  •                                                                           

Application improvement | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • An issue in the installer that could potentially leak sensitive information from the initial setup of the product has been fixed. Thanks to Ian Gallagher for reporting this issue.
  • An issue that could cause custom reports based on queries of the 1.0.0 data model to fail has been fixed. 
  • An issue that caused data from some scans to integrate slowly has been fixed.
  • We have fixed an issue that could prevent the correct display of an asset's scan summary information in the Scan History listing if the asset was scanned multiple times.
  • An issue that could prevent the deletion of custom scan templates has been resolved.
  • An issue that in certain scenarios prevented the count of tagged assets from being displayed on the Assets page has been fixed.
  • Performance of the reporting data model has been improved for 1.4.0 and 2.0.0.

Accuracy improvements | product & content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Vulnerabilities in DNS are now more accurately detected when TCP DNS services are discovered.
  • A potential false negative in checks for CVE-2014-3566 (POODLE) has been resolved.
  • Findings for CVE-2014-3566 (POODLE) have been improved.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


Product Update IDs

  • Linux 64 | Update ID: 160527410
  • Windows 64 | Update ID: 1507128867

 

Content update

  • Update ID: 2507957114

This Rapid7® Nexpose® 5.13.3 release contains:                   

  • application improvements
  •                                                                           

Application improvement | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • An issue that prevented users with custom roles from being added to the report access list has been resolved.
  • The console now automatically scales the number of threads used to retrieve scan data from engines. 
  • An issue that prevented the Site Name from correctly exporting to CSV from the Asset Results table has been resolved. 
  • An issue that caused report schedules to disappear from the interface after being edited has been resolved. 
  • An error that could cause scheduled reports to start at the wrong time has been fixed.
  • An issue that caused some scan schedules to not show up in the Site Configuration has been resolved.
  • An issue that caused the Assessed column to be excluded from CSV exports of the Scanned table on the Assets page has been fixed.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


Product Update IDs

  • Linux 64 | Update ID: 373527440
  • Windows 64 | Update ID: 1788238787

 

Content update

  • Update ID: 4059907427

This Rapid7® Nexpose® 5.13.2 release contains:           

  • April 2015 Patch Tuesday checks
  • application improvements
  • accuracy improvements
                                                

April 2015 Patch Tuesday checks | content

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for April 2015. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for April 2015. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets. These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and help minimize risk.


Application improvement | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • The API guide now provides XML code samples for the 1.1 API calls. Also, all XML samples throughout the guide are now in text format for searchability and copy/paste convenience. You can download the guide from the Support page in Help.
  • An issue that could have caused some Security Consoles to sporadically crash has been resolved.
  • An issue that prevented users from being added to the report access list has been resolved. 
  • CVSS vector data has been updated for several vulnerabilities.
  • An issue that prevented expired vulnerability exceptions from being resubmitted has been resolved.


Accuracy improvements | product & content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • An issue that caused false negatives for Telnet default account checks when certain scan templates are used has been resolved.
  • The application now supports asset node fingerprinting over the Apple Filing Protocol (AFP).
  • Unauthenticated coverage for Microsoft DNS Server vulnerability MS12-017 has been improved.
  • An issue that caused coverage for Microsoft Windows vulnerability MS14-018 to search for non-security updates has been resolved.


Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


FAQ

For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.


Product Update IDs

  • Linux 64 | Update ID: 3658326861
  • Windows 64 | Update ID: 1602624768

 

Content update

  • Update ID: 855251818

This Rapid7® Nexpose® 5.13.1 release contains:

 

Important updates | product

  • An issue that may have caused the April 8 update to take an unexpectedly long time to complete for some customers has been resolved.
  • An issue that prevented administrators from creating or editing users configured with an external authentication source has been resolved.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


FAQ

For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.


Product Update IDs

  • Linux 64 | Update ID: 210636390
  • Windows 64 | Update ID: 629136089

This Rapid7® Nexpose® 5.13.0 release contains:

 

Big application changes!  

5.13 includes some major product updates that include Mobile Risk Assessment, DHCP asset discovery, enhancements to the Assets pages, the ability to scan asset groups, two new reports, and more!

  • The application now allows you to gain visibility and assess the mobile devices in your environment for known risks. The application uses ActiveSync technology to gain insight into your mobile devices that are connected in your environment, by leveraging information on your on premise Microsoft Exchange server, LDAP, or in a cloud installation through Office365.
    Mobile devices, and their related risk to your environment, live side by side with other device types in the application, allowing you to leverage all the application related workflows to assess mobile risk.
  • You can now dynamically discover assets through Microsoft DHCP log queries. This extends your visibility into your asset inventory by exposing assets that may not be otherwise apparent. Scan Engines query DHCP server logs, which dynamically update with fresh asset information every five seconds.
  • Several new enhancements have been made to the Assetspage.
    • The count of assets displayed at the top of the page now includes all assets discovered by a Dynamic Discovery connection, regardless of whether or not the assets have been scanned.
    • A new Assessment Status pie chart shows the ratio of assets that have been assessed with a vulnerability or policy scan to those that have only been discovered by a discovery scan or Dynamic Discovery connection.
    • The Assessed Assets table has been renamed to Scanned and includes a new Assessed column that indicates whether an asset has been scanned for vulnerabilities.
    • A new Discovered by Connection table has been added, listing assets that have been discovered by a Dynamic Discovery connection but have not been scanned. This allows you to see at a glance which assets have not been assessed yet. This table will only appear when there is at least one Dynamic Discovery connection.
    • The Assets by Operating System table has been renamed to Operating Systems.
    • The Assets by Software table has been renamed to Software.
    • The Assets by Service table has been renamed to Services.
  • You can now copy asset groups either in asset group tables or within the details view of an asset group. This allows you to quickly create and edit new asset groups based on older ones, so that you do not have to recreate reused settings.
  • A new report template shows vulnerability exception activity during a specified time frame, so that you can track assessment activity in your organization.
  • A new report template lists information about new assets discovered within a specific time period. This allows you to track changes to your network environment over time.
  • You can now choose whether to link matching assets across two or more sites or treat them as unique entities. Be aware that linking matching assets is a significant change to the relationship of your assets in the application and will disable your ability to make site-level exceptions, so make your decision carefully and perform a backup before making the switch. Please refer to the Linking Assets Across Sites section of Help for more detailed information.

Plus:  

  • Users can view the sites an asset belongs to by clicking on the Global link in the asset listing.
  • You can now toggle to a raw text mode in the asset input section of the Site Configuration. This enhancement allows you to edit, copy, paste, or delete assets easily.
  • Security Consoles and Scan Engines now use less memory. The benefits of this enhancement include the ability to run more concurrent scans as well as up to 50 percent reduction of at-rest memory usage.
  • The Scan Asset Now button on the Assets page now scans the asset in the first site that originally scanned that asset. If the user does not have access to that asset, the button will not appear.
  • The API 1.1 SiteSaveRequest has been updated to preserve asset groups specified as scan targets.
  • A new API 2.1 endpoint supports the creation of sites that use asset groups as scan targets.
  • A vulnerability exception applies to an asset in every site in which the asset appears if the administrative option to link assets across all sites has been enabled.
  • The CSV export has been updated so that the Site Importance, Site Name, and Scan Template values are comma-delimited results when the administrative option to link assets across all sites has been enabled.
  • The new reporting data model version (2.0.0) exposes the data from the product with respect to linking assets across sites.
  • If the administrative option to link assets across sites is enabled, assets that are linked in more than one site are marked as Global in the column of asset tables. Assets that are not linked in more than one site are listed with the relevant site names.
  • Performance enhancements have been made to lower CPU usage during policy assessment scans.
  • The application now has the ability to determine the appropriate engines to be used when scanning asset groups. The application will lookup the last engine used to scan each asset in the group and assign that particular engine for the scan.
  • A new 2.1 endpoint supports the creation of sites that use asset groups as scan targets.
  • HTTP connections that are no longer required will now be closed faster, greatly reducing the number of simultaneous connections during a scan.
  • You can now create dynamic asset groups with mobile devices based on the most recent time they synchronized with the Exchange server. This be useful if you do not want your reports to include data from old devices that are no longer in use on the network. This feature supports mobile devices that were Dynamically Discovered with one of the Windows Remote Management (WinRM) discovery connections.
  • You can now set the maximum scan duration of a scheduled scan by number of days, weeks, and hours in addition to the number of minutes.

 

Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.


Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


FAQ

For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.


Product Update IDs

  • Linux 64 | Update ID: 2283007696
  • Windows 64 | Update ID: 1283843208

 

Content update

  • Update ID: 3028106054

This Rapid7® Nexpose® 5.12.11 release contains:

 

Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • An issue introduced in the March 25 product update that prevented creation or updates of policy rule check result overrides has been resolved.
  • Reports based on data from scans on local engines are no longer run twice per scan.

 

Scanning improvements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • Scan times and accuracy have been significantly improved for Microsoft content.

 

Accuracy improvements | product & content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • A false positive caused by the vulnerability check for obsolete versions of Microsoft Office has been resolved.
  • The following DNS server products are no longer fingerprinted as ISC BIND versions:
    • PowerDNS
    • Knot DNS
    • Unbound
    • dnsmasq

 

Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.


Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


FAQ

For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.


Product Update IDs

  • Linux 64 | Update ID: 2851582512
  • Windows 64 | Update ID: 1513235014

 

Content update

  • Update ID: 236536244

Attachments

    Outcomes