Nexpose release announcements for December 2015

Document created by Rapid7 Learning Team Employee on Dec 1, 2015Last modified by Rapid7 Learning Team Employee on Dec 23, 2015
Version 22Show Document
  • View in full screen mode

To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. Product IDs and installer links are added the day of the release. This page contains detailed announcements for the most recent Nexpose coverage releases:


This Rapid7® Nexpose® 6.1.4 release includes:


Accuracy enhancements  | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have resolved an issue that was affecting Adobe solutions correlation.
  • Product accuracy for detecting PHP vulnerabilities on RHEL platforms has been enhanced.
  • Ruby packages installed on a CentOS 6.5 client no longer present false positives.


Application enhancements | product & content

Changes to how the application integrates and presents scan data and performance enhancements to help you to manage security issues more effectively:

  • To decrease the likelihood of scans pausing due to low memory, scan engine memory usage for Microsoft Office checks has been reduced.
  • We have enhanced Security Console processing and consistency when integrating large amounts of scan data.
  • Users with limited site modification privileges can save changes to a site without having to view the engines tab beforehand.
  • By increasing the connection time out, we have resolved an issue where updates would time out for some users when downloads took longer than two minutes.
  • We have improved functionality to prevent scans from hanging if an auto update applies while a long running report is generating.


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

  • A new authenticated check has been added for CVE-2015-7756 (Juniper ScreenOS weak VPN encryption) and CVE-2015-7450 (Java deserialization vulnerability in WebSphere).
  • A new remote check has been added for CVE-2015-7755 (Juniper ScreenOS Authentication Backdoor) which will attempt to connect over SSH / Telnet using the backdoor password.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Reminder: Have you activated Adaptive Security?

Adaptive Security’s automated actions enable you to instantly:

  • understand your exposure and respond quickly to a zero day threat
  • identify when new assets join your network, assess their vulnerability and remediate
  • automatically scan known assets when they reconnect (this is particularly important for assets that haven’t been connected during scheduled scans)

Setting up automated actions is easy. See how Adaptive Security fits into your vulnerability management program.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 109604236
  • Windows 64 | Update ID: 1102263037

Content update ID

  • Update ID: 2768352799

 


This Rapid7® Nexpose® 6.1.3 release:

  • addresses an issue with TLS cipher suite enumeration performance


Scanning enhancements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • We have addressed an issue with the performance of TLS cipher suite enumeration on scan engines with low entropy.

 

Product Update IDs

  • Linux 64 | Update ID: 3319712874
  • Windows 64 | Update ID: 1341672532


This Rapid7® Nexpose® 6.1.2 release includes:

  • increased flexibility with Amazon Web Services
  • enhanced ad-hoc scanning assets
  • improved HTTPS security
  • increased ability to generate text reports
  • more accurate marking of scans during console restarts
  • enhancements to authenticated scans of Windows targets
  • new CIS policy implementation

Accuracy enhancements  | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have increased functionality with remote engines when using localized content.


Application enhancements | product

Changes to how the application integrates and presents scan data and performance enhancements to help you to manage security issues more effectively:

  • We have further enhanced ad-hoc scanning assets in sites which use asset groups for included scan targets. These assets can now be scanned by entering their IP address or host name into the Manual Scan Targets field of the Start New Scan dialog.
  • The Security Console uses more strict TLS cipher suites for improved HTTPS security. The new default cipher suites are compatible with all supported web browsers. See More TLS Improvements in Nexpose 6.1.2.
  • We have improved the functionality of the Scan Asset Now button on the Asset detail page. If the site you are using to scan the asset with that button does not already include the asset's IP address or host name in its configuration, the configuration will be automatically updated to include it when launching a scan if the user has permission to modify the site scan targets.
  • We have refined the generation of text reports when HTML content is included.


Scanning enhancements | product & content

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • During a console restart, scans that are in Integration will no longer be marked as failed.
  • Scan times have decreased due to improved performance for authenticated scans of Windows targets.


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

  • New Center for Internet Security (CIS) policies now provide compliance coverage for Redhat Enterprise Linux 7, CentOS 6, and CentOS 7 operating systems.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Reminder: Have you activated Adaptive Security?

Adaptive Security’s automated actions enable you to instantly:

  • understand your exposure and respond quickly to a zero day threat
  • identify when new assets join your network, assess their vulnerability and remediate
  • automatically scan known assets when they reconnect (this is particularly important for assets that haven’t been connected during scheduled scans)

Setting up automated actions is easy. See how Adaptive Security fits into your vulnerability management program.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 1678094532
  • Windows 64 | Update ID: 3437474661

Content update ID

  • Update ID: 860033813

 


This Rapid7® Nexpose® 6.1.1 release includes:

  • coverage for Microsoft's December 2015 Patch Tuesday announcement
  • more consistent acceptance of certificates signed with MD2
  • increased flexibility with timeouts
  • fewer false positives in CentOS
  • more effective copying of CIS Oracle Solaris policies
  • expanded Administration page functionality
  • three new unauthenticated checks

December Patch Tuesday checks | content

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for December 2015. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for December 2015. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets. These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and help minimize risk.


Accuracy enhancements | product & content

Further accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • The product now more consistently accepts certificates signed with MD2 during the SSL/TLS handshake.
  • We have increased the default time at which a session times out and made the timeout value configurable via JVM property to address SNMP service and vulnerability detection issues.
  • We have enhanced CentOS coverage to decrease potential false positives.


Application enhancements | product

Changes to how the application integrates and presents scan data and performance enhancements to help you to manage security issues more effectively:

  • We have fixed an issue where users were sometimes unable to copy CIS Oracle Solaris policies.
  • The virtual appliance scan engine (NexposeVASE.ova) required for the NSX integration can now be downloaded and staged from the Administration page.


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

  • A new unauthenticated check has been added for each of the following: CVE-2015-8103 (Java deserialization vulnerability in Jenkins), CVE-2015-7501 (Java deserialization vulnerability in JBoss), and CVE-2015-4852 (Java deserialization vulnerability in Weblogic).


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Reminder: Have you activated Adaptive Security?

Adaptive Security’s automated actions enable you to instantly:

  • understand your exposure and respond quickly to a zero day threat
  • identify when new assets join your network, assess their vulnerability and remediate
  • automatically scan known assets when they reconnect (this is particularly important for assets that haven’t been connected during scheduled scans)

Setting up automated actions is easy. See how Adaptive Security fits into your vulnerability management program.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 3819266324
  • Windows 64 | Update ID: 582726328

Content update ID

  • Update ID: 622364511

 


This Rapid7® Nexpose® 6.1.0 release includes:

  • improved LDR patch handling to reduce false positives
  • increased filtering options and notifications for Adaptive Security
  • better asset storage for Nexpose Ultimate and controlsInsight
  • expanded filtering capabilities for dynamic sites
  • improved processing for commonly-available system log events
  • simpler scan logging options

Accuracy improvements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We've adjusted the way that Nexpose handles patches to give preference to LDR patch streams so that the asset is considered patched as long as the LDR hotfix is applied, reducing false positives.


Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • If the remote scan engine used to scan for new vulnerabilities is not up to date, Adaptive Security will continue to attempt to scan for one week. During that time, it will display a message in the UI indicating that the engine is not up to date.
  • Asset storage has been improved in order to better support performance for Nexpose Ultimate and customers using the controlsInsight product.
  • We have expanded the filtering capabilities of dynamic sites that are based on a Sonar Labs connection to allow the exclusion of assets not seen by the sonar service within a user-defined number of days.
  • DHCP discovery-based connections that originate with the Infoblox Trinzic event source will process any more commonly-available system log events.
  • Scan logging options have been simplified. You can now click a single check box to enable both asset configuration logging and debug logging for a scan template. This allows you to generate debug logs without turning on debug logging globally for a console or engine.
  • The Adaptive Security trigger to look for new vulnerabilities now has filtering options that mirror those of Nexpose. It is possible to filter by any or all of the following criteria: CVE ID, Vulnerability Title, Vulnerability Category, Risk Score, and CVSS Score.

automated_filters.png


Recurring coverage | content

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Reminder: Have you activated Adaptive Security?

Adaptive Security’s automated actions enable you to instantly:

  • understand your exposure and respond quickly to a zero day threat
  • identify when new assets join your network, assess their vulnerability and remediate
  • automatically scan known assets when they reconnect (this is particularly important for assets that haven’t been connected during scheduled scans)

Setting up automated actions is easy. See how Adaptive Security fits into your vulnerability management program.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 3987987284
  • Windows 64 | Update ID: 3844681899

Content update ID

  • Update ID: 2539198742

 

1 person found this helpful

Attachments

    Outcomes