Nexpose release announcements for March 2016

Document created by Rapid7 Learning Team Employee on Mar 2, 2016Last modified by Rapid7 Learning Team Employee on Mar 30, 2016
Version 9Show Document
  • View in full screen mode

To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. Product IDs and installer links are added the day of the release. This page contains detailed announcements for the most recent Nexpose coverage releases:


This Rapid7® Nexpose® 6.2.0 release includes:


Accuracy enhancements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have improved SNMP v3 protocol fingerprinting coverage.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • You will now see the name of the site you are editing throughout the configuration pages to ensure you are making changes to your desired site.
  • We have addressed an issue where CSV export reports were not honoring the report language selected by the user. The header text in these reports will now display in the selected language.
  • A new Top Compliance Remediation report has been released and will provide a prioritized and actionable list of failed compliance rules. This will allow users to better understand where to focus their efforts and energy in the policy and compliance space.
  • We have improved the Inclusion and Exclusion of Asset Groups in Site Configuration, allowing for vSphere dynamic assets to be included and all dynamic asset types to be excluded from scans.
  • A new policy report has been released that allows users to understand their compliance status, line by line. This report will assist in driving compliance programs by informing users which rules within a policy have passed or failed, allowing them to begin remediation of the failed rules.
  • We made changes to the cache-control headers to be more consistently set across web resources, allowing browsers to take full advantage of caching. This has improved the rendering performance of pages across the web interface.
  • We have addressed an issue that caused the "unlock account" console command not to function properly.
  • XML Export 1.0 and 2.0 reports have been updated to separate unique assets which share a primary IP address.
  • Disabling a user will now remove any open sessions for that user. Users who have been disabled while in an open session will have their session invalidated.
  • Backups larger than 2 GB can now be downloaded from the user interface using a web browser.
  • We have addressed an issue where DISA policy scans could not be started.
  • We have resolved an issue where running a scan with multiple engines could, under certain circumstances, result in a scan that never completes.
  • We have included the ability to record multiple DNS names for an IP address if a DNS server provides multiple PTRs for the IP address from the reverse DNS lookup.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 1850495523
  • Windows 64 | Update ID: 2091863358

 


This Rapid7® Nexpose® 6.1.16 release includes:


Accuracy enhancements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Oracle Solaris 11 version fingerprinting has been improved.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We have added the ability to scan dynamic sites with a "New Vulnerability" workflow in Adaptive Security.
  • We have made enhancements to the Rapid7 Labs Sonar integration. See product documentation "Working with Project Sonar" for detailed usage instructions and "Working with Project Sonar in Nexpose 6.1.16" for updating existing workflows.
  • An issue that caused asset scan results to be lost when using multiple templates and disabling services has been addressed.
  • Adaptive Security now supports multiple filters of the same type when filtering assets and vulnerabilities.
  • We have addressed an issue that prevented scans from launching when the scan had a Dynamic Asset Group (DAG) as the exclusion, and the DAG contained multiple assets using the same name.
  • Adaptive Security now triggers a scan if a vulnerability requested in a workflow has its content updated.
  • We have resolved an issue where the console would not start if specific content files were not installed and product updates were disabled.
  • We have updated error messaging in the UI to be more specific when a scan on an engine fails to start because the engine is shutting down or taking a product update.
  • We have increased the robustness of the JBoss remote fingerprint by improving its coverage.


Scanning enhancements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • We have addressed an issue that resulted in the scan engine going out of memory error when scanning a Telnet server that continuously sent data.


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Several Oracle Linux vulnerability checks related to kernel packages have been refined for better accuracy.
  • Vulnerability correlation for Oracle Linux has been improved.


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

  • New Center for Internet Security (CIS) policies now provide Windows compliance coverage for Mozilla Firefox 38 ESR.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 2895896996
  • Windows 64 | Update ID: 1206300261

 


This Rapid7® Nexpose® 6.1.15 release includes:


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • To increase successful reconnects in unstable networks, we have adjusted reconnect attempts for vCenter Discovery connections to wait longer between retries.
  • An issue with the Scan Asset Now button that prevented scanning the asset when it was only defined by host name has been amended.
  • We have addressed an issue with the XML Export and XML Export 2.0 reports that excluded assets without services from the reports.
  • We have resolved an issue where content only updates would not apply if the manual update functionality was utilized.
  • Proofs for Microsoft Windows vulnerability results have been updated to be more clear and concise.


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • An issue causing potential false positives for CESA-2011:0558 and CESA-2011:1424 on CentOS has been resolved.


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

  • We have added unauthenticated coverage for CVE-2016-0800, the DROWN attack.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 723218714
  • Windows 64 | Update ID: 3582723532

 


This Rapid7® Nexpose® 6.1.14 release includes:

March Patch Tuesday checks | content

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for March 2016. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for March 2016. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.

These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and help minimize risk.

Rapid7's Nexpose is now an official pre-authorized Vulnerability Management partner of Amazon Web Services (AWS)!

You can now find a Nexpose Scan Engine Amazon Machine Image (AMI) on the Amazon Web Services Marketplace, making it simple to deploy a pre-authorized Nexpose Scan Engine from the AWS Marketplace to scan your AWS assets! This allows you to launch a virtual server in the cloud, meaning you can deploy Nexpose Scan Engines via the Amazon marketplace without having to go through the process of configuring and installing it yourself. This provides Rapid7 customers the ability to scan AWS assets free of charge immediately, or on a recurring schedule without having to contact Amazon in advance for permission. Using a Nexpose Scan Engine deployed within the AWS network also allows you to scan private IP addresses and collect information which may not be available with public IP addresses (such as internal databases).  Additionally, scanning private IPs eliminates the need to pay for elastic IP's. Learn More


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Adaptive Security's site list dropdown menu has been enhanced to display sites alphabetically.
  • Adaptive Security's New Coverage Available trigger has been improved to find vulnerabilities that initially did not meet the settings in a filter, but after a content update the vulnerability's metadata changes to fall within the filter's range.
  • We have implemented a standardized ordering to the action filter options available in the Adaptive Security configuration panel.
  • We have addressed an issue that caused some operating systems to be listed with a trailing parenthesis.
  • A new feedback button on the asset page allows users to report incorrectly identified operating systems and send information that may be used to improve fingerprinting accuracy.


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have resolved an issue where a number of SSL/TLS cipher vulnerability checks had incorrect PCI CVSS scores.
  • An issue causing potential false positives for CVE-2016-1904 has been resolved.
  • An issue causing false positives for CVE-2016-1287 on Cisco ASA 9.1(6.11) devices has been resolved.


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

  • New Center for Internet Security (CIS) policies now provide Windows compliance coverage for Google Chrome 46.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 996704678
  • Windows 64 | Update ID: 3700092671

Content update ID

  • Update ID: 201603091511

 


This Rapid7® Nexpose® 6.1.13 release includes:


Accuracy enhancements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Copied policies and/or uploaded policies are no longer ignoring the CPE.
  • We have improved the fingerprinting accuracy of Windows assets.
  • Fingerprints for Windows Server 2008 are now accurately displayed.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • The table in the group configuration page has been modified to maintain its sorting order after a user removes an asset from a static asset group.
  • We placed the report template search box in a better observable position.
  • We have decreased the time needed to run a XML export report for large scale environments.
  • We have addressed an issue where the policy rule compliance table fails to load when a policy is opened.
  • We have implemented a monitor to track the transmit statistics for scan data on the console and remote engines.


Coverage enhancements | product

New coverage expands your visibility into assets and threats in your environment:

  • New Center for Internet Security (CIS) policies now provide compliance coverage for Oracle MySQL Community Server 5.7.
  • New Center for Internet Security (CIS) policies now provide compliance coverage for Oracle MySQL Enterprise Edition 5.6.


Scanning enhancements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • An issue that impaired SSH public keys from authenticating during scans has been resolved.
  • We have addressed an issue where performance was impacted when a firewall interfered with WMI messages being sent to a Windows device.
  • We have resolved an issue that caused a Windows device to permanently hang when writing WMI messages to it.
  • We have improved scan times of firewall and IPS devices.


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • An independent check for the BEAST attack vulnerability (CVE-2011-3389) has been added.
  • We have added an independent check for the POODLE attack vulnerability (CVE-2014-3566).


Application enhancements | content

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We have addressed an issue with white space displayed in vulnerability name fields of CSV exports.


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

  • New Center for Internet Security (CIS) policies now provide Windows compliance coverage for Microsoft Office Access 2016, Microsoft Office Excel 2016, Microsoft Office Outlook 2016, Microsoft Office PowerPoint 2016, and Microsoft Office Word 2016.
  • New Center for Internet Security (CIS) policies now provide Windows compliance coverage for Microsoft Office Access 2013, Microsoft Office Excel 2013, Microsoft Office Outlook 2013, Microsoft Office PowerPoint 2013, and Microsoft Office Word 2013.
  • New Center for Internet Security (CIS) policies now provide compliance coverage for Oracle MySQL Community Server 5.7.
  • New Center for Internet Security (CIS) policies now provide compliance coverage for Oracle MySQL Enterprise Edition 5.6.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 982432951
  • Windows 64 | Update ID: 254414120

Content update ID

  • Update ID: 967439872

 

3 people found this helpful

Attachments

    Outcomes