Nexpose release announcements for February 2016

Document created by Rapid7 Learning Team Employee on Feb 3, 2016Last modified by Rapid7 Learning Team Employee on Mar 23, 2016
Version 10Show Document
  • View in full screen mode

To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. Product IDs and installer links are added the day of the release. This page contains detailed announcements for the most recent Nexpose coverage releases:


This Rapid7® Nexpose® 6.1.13 release includes:


Accuracy enhancements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Copied policies and/or uploaded policies are no longer ignoring the CPE.
  • We have improved the fingerprinting accuracy of Windows assets.
  • Fingerprints for Windows Server 2008 are now accurately displayed.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • The table in the group configuration page has been modified to maintain its sorting order after a user removes an asset from a static asset group.
  • We placed the report template search box in a better observable position.
  • We have decreased the time needed to run a XML export report for large scale environments.
  • We have addressed an issue where the policy rule compliance table fails to load when a policy is opened.
  • We have implemented a monitor to track the transmit statistics for scan data on the console and remote engines.


Coverage enhancements | product

New coverage expands your visibility into assets and threats in your environment:

  • New Center for Internet Security (CIS) policies now provide compliance coverage for Oracle MySQL Community Server 5.7.
  • New Center for Internet Security (CIS) policies now provide compliance coverage for Oracle MySQL Enterprise Edition 5.6.


Scanning enhancements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • An issue that impaired SSH public keys from authenticating during scans has been resolved.
  • We have addressed an issue where performance was impacted when a firewall interfered with WMI messages being sent to a Windows device.
  • We have resolved an issue that caused a Windows device to permanently hang when writing WMI messages to it.
  • We have improved scan times of firewall and IPS devices.


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • An independent check for the BEAST attack vulnerability (CVE-2011-3389) has been added.
  • We have added an independent check for the POODLE attack vulnerability (CVE-2014-3566).


Application enhancements | content

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We have addressed an issue with white space displayed in vulnerability name fields of CSV exports.


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

  • New Center for Internet Security (CIS) policies now provide Windows compliance coverage for Microsoft Office Access 2016, Microsoft Office Excel 2016, Microsoft Office Outlook 2016, Microsoft Office PowerPoint 2016, and Microsoft Office Word 2016.
  • New Center for Internet Security (CIS) policies now provide Windows compliance coverage for Microsoft Office Access 2013, Microsoft Office Excel 2013, Microsoft Office Outlook 2013, Microsoft Office PowerPoint 2013, and Microsoft Office Word 2013.
  • New Center for Internet Security (CIS) policies now provide compliance coverage for Oracle MySQL Community Server 5.7.
  • New Center for Internet Security (CIS) policies now provide compliance coverage for Oracle MySQL Enterprise Edition 5.6.

This Rapid7® Nexpose® 6.1.12 release includes:


Accuracy enhancements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • To help identify vulnerable Java installations on assets that contain multiple JREs, the path to the Java executable has been added to the proof text for Oracle Java vulnerability results.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We have addressed an issue where asset tags lose association to dynamic asset groups after nightly recalculations.
  • We have enhanced scan log storage in multi-engine scans by having each engine store the scan logs of its own activity. These logs can be downloaded as a zip file through the UI.


Scanning enhancements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • Several scan pool reliability and performance issues have been resolved.
  • SSH client compatibility has been improved, resulting in more accurate scan results.
  • We have improved the fingerprinting of firewall and IPS devices.
  • We have improved scan performance by allowing service level SSH credentials to be used in a scan after a failed attempt to elevate privileges.


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Vulnerability content for Oracle Linux and CentOS has been enhanced to address false positives for multiple CVEs.


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

  • We added coverage for a cross-site scripting vulnerability on Cisco ASA devices (CVE-2014-2120).


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 370175556
  • Windows 64 | Update ID: 579761709

Content update ID

  • Update ID: 3417811421

 


This Rapid7® Nexpose® 6.1.11 release includes:


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We addressed an issue on the asset page that prevented the date field in the Discovered by Connection table from being displayed.
  • In the Executive Overview report, the High Risk Vulnerability chart is now properly labeled as Risk Score along the x axis.
  • The engine scan activity section now properly reflects activity of an engine that is part of a pool that is running a scan.


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have improved the accuracy of the vulnerability check for CBC ciphers.
  • We have improved content accuracy for TLS/SSL 3DES vulnerability.
  • We have improved the accuracy of the OpenSSH CVE-2008-1483 vulnerability check.
  • We have improved the accuracy of the OpenSSH CVE-2007-4752 vulnerability check on F5 systems.
  • We have decreased the number of erroneous appearances of older Microsoft IIS vulnerabilities on systems running newer versions of Microsoft IIS.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 2325320413
  • Windows 64 | Update ID: 2172881800

Content update ID

  • Update ID: 319145943

 


This Rapid7® Nexpose® 6.1.10 release includes:

February Patch Tuesday checks | content

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for February 2016. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for February 2016. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.

These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and help minimize risk.


Accuracy enhancements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have improved error handling in Windows checks to reduce the likelihood of false positives in some Microsoft vulnerability checks.
  • We have added additional ways of recording hostname aliases of XP machines which do not support DNS lookup or CIFS over UDP.
  • Users' home directories that are accessible via symbolic links will now be correctly evaluated to ensure they have suitable filesystem permissions, reducing false positive vulnerabilities.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We have resolved an issue that prevented an asset from being integrated when the same operating system was detected in multiple ways.
  • We have addressed an issue with the report listing that would automatically switch to page 1 if a report was being generated.
  • One time schedules are now displayed in the command console.
  • We have addressed a discrepancy in parsing syslog entries from an Infoblox server when an engine or console is in the UTC time zone.
  • We have resolved an issue where a console restart while updating remote engines could persistently prevent the engine from being updated automatically.
  • We have improved the encryption used for communications between the console and engine.


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have improved error handling in Windows checks to reduce the likelihood of false positives in some Microsoft vulnerability checks.
  • The accuracy has been improved when checking for CIS Cisco IOS 15 rule 1.2.3.3 Require Logging to Device Console.
  • The Center for Internet Security (CIS) policy for Windows Server 2012 R2 has been updated to version 2.1.0.
  • With Windows 8.0 no longer being supported by Microsoft as of January 2016, scans will now flag Windows 8.0 as an obsolete operating system.
  • We have updated coverage for Microsoft security bulletin MS13-067.


Application enhancements | content

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We have resolved an issue where a console restart while updating remote engines could persistently prevent the engine from being updated automatically.


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

  • The CVE-2015-7501 vulnerability check has been enhanced for scans using credentials.
  • The CVE-2015-4852 vulnerability check has been enhanced for scans using credentials.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 2231046173
  • Windows 64 | Update ID: 2650586731

Content update ID

  • Update ID: 247786782


 

This Rapid7® Nexpose® 6.1.9 release includes:


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have reduced the amount of false positive matches in the vulnerability check for Windows Hotfix MS09-050.
  • The Click Jacking vulnerability has been enhanced to take into account the content type from the HTTP response in order to reduce the number of false positives.


Application enhancements | content

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We have improved our remediation advice for SSL/TLS cipher related vulnerabilities so that it only includes strong ciphers.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 3042637943
  • Windows 64 | Update ID: 1190004929

Content update ID

  • Update ID: 219001911

 

Attachments

    Outcomes