Nexpose release announcements for November 2015

Document created by S Tempest Employee on Nov 3, 2015Last modified by Rapid7 Learning Team on Dec 7, 2015
Version 10Show Document
  • View in full screen mode

To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. Product IDs and installer links are added the day of the release. This page contains detailed announcements for the most recent Nexpose coverage releases:


This Rapid7® Nexpose® 6.0.8 release includes:

  • more consistent display of scan engines for users
  • improved readability based on your feedback
  • better fingerprinting for Microsoft Office
  • increased accuracy in data gathering with DNS

 

Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We have fixed an issue that prevented Scan Engines from being displayed when creating a new Site if your user did not have the Manage Scan Engines permission.
  • For improved readability, we have darkened the color of hyperlinks based on your feedback.

 

Accuracy improvements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • In order to provide more accurate results, we have improved our fingerprinting for Microsoft Office.
  • To improve accuracy in data gathering, we have resolved an issue that occurs with DNS service in some situations.

Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Reminder: Have you activated Adaptive Security?

Adaptive Security’s automated actions enable you to instantly:

  • understand your exposure and respond quickly to a zero day threat
  • identify when new assets join your network, assess their vulnerability and remediate
  • automatically scan known assets when they reconnect (his is particularly important for assets that haven’t been connected during scheduled scans)

Setting up automated actions is easy. See how Adaptive Security fits into your vulnerability management program.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 2296908350
  • Windows 64 | Update ID: 2152682495

Content update ID

  • Update ID: 442055871

 


This Rapid7® Nexpose® 6.0.7 release includes:

  • more accurate displays of the reports scope
  • improved consistency of trend charts
  • speedier generation of reports
  • more effectively-prioritized remediations
  • detection of commonly-shared Diffie-Hellman parameters
  • ensured compliance with version 3.1 of the PCI Data Security Standard

 

Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • The Use only assets found in the last scan option now correctly displays as checked in the reports scope.
  • The way that data is displayed in the trend charts throughout the UI has been updated, increasing the consistency of the charts and eliminating fluctuations in historical trend data.
  • Report Card and PCI Host Details reports now generate significantly more quickly.

 

Accuracy improvements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have added a new vulnerability check that will flag hosts that are only using weak SSL/TLS configurations, allowing remediations to be more effectively prioritized.

 

Coverage improvements | product

New coverage expands your visibility into assets and threats in your environment:

  • The product can now detect when SSL/TLS endpoints are configured to use commonly-shared Diffie-Hellman parameters.
  • To ensure compliance with version 3.1 of the PCI Data Security Standard, new vulnerabilities for TLS versions 1.0 and 1.1 have been added.


Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 4187786940
  • Windows 64 | Update ID: 2720016589

Content update ID

  • Update ID: 489778493

 


This Rapid7® Nexpose® 6.0.6 release includes:

  • coverage for Microsoft's November 2015 Patch Tuesday announcement
  • more consistent access to the Administration settings page
  • improved accuracy for non-trending reports
  • enhanced scan log results
  • further eliminated false positives with MS14-023 and in Oracle Linux
  • more concise remediation steps for Oracle Java vulnerabilities
  • increased reliability for detection of STARTTLS support

 

November Patch Tuesday checks | content

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for November 2015. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for November 2015. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets. These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and help minimize risk.

 

Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • For more consistent access to product functions, we have fixed an issue that could have impeded access to the Administration settings page.
  • We have addressed an issue that would have prevented assets that were historically part of a dynamic asset group but are no longer part of that group from being incorrectly included in the report scope for non-trending reports.
  • The scan log now displays the outputs of 'netstat' and 'lsof' commands executed on targets when they are available.

 

Scanning improvements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • We have resolved an issue that caused false positives with MS14-023 in certain situations.
  • We have updated the product to ensure fewer false positives for more accurate results in Oracle Linux.
  • We have updated remediation steps for Oracle Java vulnerabilities on Windows to be more accurate and concise.
  • STARTTLS support is now more reliably detected for FTP, SMTP, POP, IMAP, LDAP, and PostgreSQL endpoints. This allows TLS/SSL-related vulnerability checks to run against services that support upgrading from plaintext to an encrypted connection.


Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Reminder: Have you activated Adaptive Security?

Adaptive Security’s automated actions enable you to instantly:

  • understand your exposure and respond quickly to a zero day threat
  • identify when new assets join your network, assess their vulnerability and remediate
  • automatically scan known assets when they reconnect (this is particularly important for assets that haven’t been connected during scheduled scans)

Setting up automated actions is easy.

 

Action required: Do you whitelist the Rapid7 Update Server IP address in your firewall?

If you do, you'll need to add a new IP address, 52.3.118.139, to your whitelist in order to continue to receive Nexpose updates. We are moving the Nexpose update server (updates.rapid7.com) soon for better performance and reliability. Update your whitelist now to avoid interruptions.

 

Have you tuned your Nexpose database?

Tuning your Nexpose database is an important best practice to ensure optimal performance for new features and core Nexpose operations, such as integrating scan data and generating reports. After you upgrade your database to the latest version (see preceding note) make sure to tune your PostgreSQL settings. See the section Tuned PostgreSQL settings in the Nexpose Administrator's Guide, which you can download from the Rapid7 community.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 4017688842
  • Windows 64 | Update ID: 4166341161

Content update ID

  • Update ID: 3598660209

 


This Rapid7® Nexpose® 6.0.5 release includes:

  • individual fingerprinting for Office 2016 products
  • better accuracy for Simple XML Reports
  • improved asset integration
  • more consistent scans on Cisco devices

 

Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • For better visibility of your installed software, the application now supports individual fingerprinting for the different programs within Microsoft Office 2016, including Access, Excel, Outlook, PowerPoint, Publisher, and OneNote.
  • We have fixed an issue that could cause assets in the Simple XML report to incorrectly display identifiers, enhancing the accuracy of the reports.
  • We have resolved an issue that had prevented the integration of assets with previously unknown operating systems.


Scanning improvements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • The application now has better, more consistent results for scans on Cisco devices.


Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Reminder: Have you activated Adaptive Security?

Adaptive Security’s automated actions enable you to instantly:

  • understand your exposure and respond quickly to a zero day threat
  • identify when new assets join your network, assess their vulnerability and remediate
  • automatically scan known assets when they reconnect (this is particularly important for assets that haven’t been connected during scheduled scans)

Setting up automated actions is easy.

 

Action required: Do you whitelist the Rapid7 Update Server IP address in your firewall?

If you do, you'll need to add a new IP address, 52.3.118.139, to your whitelist in order to continue to receive Nexpose updates. We are moving the Nexpose update server (updates.rapid7.com) soon for better performance and reliability. Update your whitelist now to avoid interruptions.

 

Reminder: Upgrade the database on all your consoles to receive product updates.

Upgrade now to the latest version of PostgreSQL! You need to upgrade to take advantage of all available security coverage. Use the migration utility in the console for an easy update.

  • Remember to upgrade the database for all your consoles.
  • As of the September 9, 2015, release, you cannot access product updates without upgrading.
  • To access the migration utility, click the Learn more link in the upgrade notification in the Security Console. The utility guides you through the process and estimates how long it will take, based on your database size.
  • Note: Running automatic or manual product updates does not upgrade the database. The only way to upgrade is to use the migration utility.
  • Read this blog post: The easy button for updating your Nexpose database, which describes how easy it is to run the migration, and includes a link to a short video tutorial.
  • Read this blog post: Get on the Path to Superpowers in only 1 Hour! for more information on why it's important to upgrade PostgreSQL.

 

Have you tuned your Nexpose database?

Tuning your Nexpose database is an important best practice to ensure optimal performance for new features and core Nexpose operations, such as integrating scan data and generating reports. After you upgrade your database to the latest version (see preceding note) make sure to tune your PostgreSQL settings. See the section Tuned PostgreSQL settings in the Nexpose Administrator's Guide, which you can download from the Rapid7 community.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 359562018
  • Windows 64 | Update ID: 644997554

Content update ID

  • Update ID: 1580178575

Attachments

    Outcomes