Nexpose release announcements for April 2016

Document created by Rapid7 Learning Team Employee on Apr 4, 2016Last modified by Rapid7 Learning Team Employee on May 19, 2016
Version 10Show Document
  • View in full screen mode

To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. Product IDs and installer links are added the day of the release. This page contains detailed announcements for the most recent Nexpose coverage releases:


This Rapid7® Nexpose® 6.2.5 release includes:


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Improvements to coverage have been made to reduce false positives for CentOS 7.
  • We have improved the accuracy of the vulnerability check for CVE-2012-1493 when a ssh-login-proxy is being used.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Users can now have more flexibility managing expiration dates when performing bulk operations in the vulnerability exception workflow. Users reviewing vulnerability exceptions can change, keep, or remove expiration dates when approving a group of selected vulnerability exceptions. Users can also change, keep, or remove an expiration date when resubmitting previously rejected vulnerability exceptions in bulk.
  • We've improved the accuracy of adding vSphere assets to sites. vSphere assets are now added via IP addresses instead of hostnames.
  • We've streamlined the creation of asset filters for efficiency. Users are now able to filter with a single IP Address in addition to filtering for IP Address ranges. Here is a list of the updated filters users have access to filter IP Addresses with:
    • is (return a single IP address)
    •   is not (exclude a single IP address)
    • in the range of (return a list of IPs within the given range)
    • not in the range of (return a list of IPs excluding the given range).


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 4034543288
  • Windows 64 | Update ID: 2839227050

 


This Rapid7® Nexpose® 6.2.4 release includes:


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • The accuracy of our check for RHSA-2013-0544 has been improved.


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

  • New Center for Internet Security (CIS) policies now provide compliance coverage for Microsoft Windows 8.1.


Scanning enhancements | content

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • An issue that could potentially cause scans to hang when enabling Windows Remote Registry has been resolved.


Accuracy enhancements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • An issue that caused the incorrect fingerprinting of Cisco IOS-XE devices has been resolved.
  • We have improved resilience of Windows Audit Policy scans. Scans will now make a second attempt using Powershell to collect Windows Audit Policy Subcategories if the first attempt fails.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Users can now see the timeline of vulnerability exceptions at a glance. We have added the Reported On and Reviewed On dates to the Vulnerability Exceptions listing on the Asset Details page and the Exceptions and Overrides page.
  • We have improved the reliability of remote Scan Engine updates.
  • We have updated the Database Export Report to support larger data types in the destination database, such as handling of service names or versions larger than 255 characters.
  • We decreased startup duration by improving the performance of policy checks loading during startup.
  • We have improved resilience of diagnostic transmission by addressing an issue that could, under certain circumstances, prevent scan logs or support packages from being properly sent.


Scanning enhancements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • An issue that could potentially cause scans to hang when enabling Windows Remote Registry has been resolved.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 3580849708
  • Windows 64 | Update ID: 3782390281

 


This Rapid7® Nexpose® 6.2.3 release includes:


Accuracy enhancements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have addressed an issue that may have prevented scanning of dynamic asset groups from running successfully.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 3004228069
  • Windows 64 | Update ID: 1168405163

 


This Rapid7® Nexpose® 6.2.2 release includes:


Coverage for April Patch Tuesday exposures | content

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for April 2016. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for April 2016. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have remedied an issue where the CIS Redhat Enterprise 5 benchmark failed to evaluate against certain systems running RHEL5.
  • Accuracy of Oracle Linux Unbreakable Enterprise Kernel (UEK) checks has been improved.
  • CIS Redhat Enterprise 5 and Redhat Enterprise 6 benchmarks have been updated to their latest versions (2.2.0.1 and 1.4.0.1 respectively).


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

  • New Center for Internet Security (CIS) policies now provide Windows compliance coverage for Microsoft Internet Explorer 11.
  • We have introduced coverage for Cisco UCS vulnerabilities.
  • We have added coverage for CVE-2016-2118, the Badlock vulnerability.


Accuracy enhancements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have addressed an issue that would cause endpoints to be misidentified as an SNMP service.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Users can now specify the character encoding when making requests to the XML API.
  • The vulnerability category filter in Adaptive Security is now a drop-down instead of a text field, to make it easier for the user to select appropriate categories. This will be especially useful with the new "R7 Critical" category.
  • We have introduced a retry state to Adaptive Security scans. If an Adaptive Security scan fails because the scan engine the site uses is offline, Adaptive Security will retry the workflow periodically, and display this information in the user interface.
  • Users can now see the entire workflow when editing Adaptive Security workflows.
  • Filter options for discovered assets in Adaptive Security have been enhanced.
  • To help eliminate scanning mistakes and loss of scanning opportunities, users will now be warned and scans will not start if all scan targets to be scanned are excluded by site configuration or global asset exclusion configuration.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 1729848534
  • Windows 64 | Update ID: 1371418631

 


This Rapid7® Nexpose® 6.2.1 release includes:


Accuracy enhancements | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have improved SNMP v3 protocol fingerprinting coverage.
  • We have addressed an issue with policy scans that caused the policy rule to return an error due to imperfect handling of Windows registry value of REG_NONE.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • You will now see the name of the site you are editing throughout the configuration pages to ensure you are making changes to your desired site.
  • We have addressed an issue where CSV export reports were not honoring the report language selected by the user. The header text in these reports will now display in the selected language.
  • A new Top Compliance Remediation report has been released and will provide a prioritized and actionable list of failed compliance rules. This will allow users to better understand where to focus their efforts and energy in the policy and compliance space.
  • We have improved the Inclusion and Exclusion of Asset Groups in Site Configuration, allowing for vSphere dynamic assets to be included and all dynamic asset types to be excluded from scans.
  • A new policy report has been released that allows users to understand their compliance status, line by line. This report will assist in driving compliance programs by informing users which rules within a policy have passed or failed, allowing them to begin remediation of the failed rules.
  • We made changes to the cache-control headers to be more consistently set across web resources, allowing browsers to take full advantage of caching. This has improved the rendering performance of pages across the web interface.
  • We have addressed an issue that caused the "unlock account" console command not to function properly.
  • XML Export 1.0 and 2.0 reports have been updated to separate unique assets which share a primary IP address.
  • Disabling a user will now remove any open sessions for that user. Users who have been disabled while in an open session will have their session invalidated.
  • Backups larger than 2 GB can now be downloaded from the user interface using a web browser.
  • We have addressed an issue where DISA policy scans could not be started.
  • We have resolved an issue where running a scan with multiple engines could, under certain circumstances, result in a scan that never completes.
  • We have included the ability to record multiple DNS names for an IP address if a DNS server provides multiple PTRs for the IP address from the reverse DNS lookup.
  • We have addressed an issue where the Newly Discovered Assets report would fail to generate for non-English languages.
  • Improvements to the Security Console calendar have made it easier to see scans, blackouts, and maintenance operations from a daily, weekly, and monthly view. All calendar entries include links to the event details, so that viewing and editing them is a streamlined process.
  • Database maintenance tasks, such as cleanup, compression, and re-indexing, can be scheduled to run automatically.
  • Security console backups can be scheduled to run automatically, which eliminates the need to manually manage database operations.
  • Security Console calendars can be synced to an external calendar, such as Outlook or iCal, using an ICS URL. Any changes to the Security Console calendar will automatically be updated in the external calendar. Anyone who knows the ICS URL will be able to subscribe to the calendar to view scheduled scans and blackouts.
  • Security Console calendars can be exported as an ICS file and imported into an external calendar, such as Outlook or iCal, to provide a static snapshot of scan schedules and blackouts.
  • We have resolved an issue were the console would not restart after a content update.


Issue coverage | content/product

The following IS numbers have been addressed in this release:

  • IS-6302, IS-6798, IS-6216, IS-6170, IS-5783, IS-6745, IS-6014, IS-3996, IS-6788, IS-6486, IS-6094, IS-6744, IS-6752, IS-6758, IS-6802, IS-6768, IS-6661, IS-6534


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 2366721377
  • Windows 64 | Update ID: 2639433599

 

3 people found this helpful

Attachments

    Outcomes