Nexpose release announcements for June 2016

Document created by Rapid7 Learning Team Employee on May 31, 2016. Last modified by S Tempest on Jun 30, 2016.
Version 8

To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. Product IDs and installer links are added the day of the release. This page contains detailed announcements for the most recent Nexpose coverage releases:


This Rapid7® Nexpose® 6.3.3 release includes:


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Users can now save their personal view of the Nexpose calendar. For any event that spans multiple days, users can choose to display the whole event in the calendar, or the start day only. In the monthly view, when users have multiple scans per day and choose the popout option, a scroll bar now makes viewing the scans much easier.
  • We have improved scan status communication: vulnerability alerts will now be sent when the scan of an asset is complete to avoid duplicate alerts from the same asset.
  • The Risk Trend report section has been updated to better honor the "use last scan only" option.
  • We have improved the reliability of vSphere discovery connections, resolving a rare situation which could stop the connection abruptly.
  • We have made an update so that a scan that has been paused or stopped no longer shows as still running in the interface.


Scanning enhancements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • Threading of scans in Scan Engine pools has been updated to improve performance in multi-core environments.
  • We have resolved a Java Virtual Machine issue that could result in a scan engine crash when a scan is in progress and a content update is applied.


Accuracy enhancements | content & product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • A check for MS15-067 on Windows Server 2008 systems has been updated to reduce the possibility of false positives.
  • Scan performance has been improved. An issue that could potentially cause a scan hang when the CIFS client receives a malformed response has been resolved.
  • We have corrected an issue with Windows Graphics components that could cause false negatives in certain cases.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 4090160142
  • Windows 64 | Update ID: 2840394557

 


This Rapid7® Nexpose® 6.3.2 release includes:


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Administrators can now save and manage custom user roles which will allow permissions to be assigned more quickly to users in their teams.
  • The new Policy Details report template allows you to create reports that can help you understand the details of your policy scan results.
  • Policy reports now include policy rationales and remediation information, so you can have a better understanding of how to remediate policy compliance failures. The Security Console will import this information upon the initial upgrade.
  • We have improved scan schedule handling when scheduled scans are resumed or restarted.
  • Service mappings can now be easily disabled in the scan template using the keyword "disable".
  • We have resolved an issue that caused subsequent update attempts to fail if a previous update process was interrupted due to connection loss.


Scanning enhancements | content & product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • We have improved support for Microsoft Patch Tuesday checks by updating the representation of supersedence relationships.
  • We have adjusted the synchronization when a non-thread-safe object is accessed simultaneously by multiple threads, in order to prevent scan hangs.
  • We have modified the way in which scan schedules are handled in order to improve performance when schedule volumes increase.


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • An issue that caused false positives for CVE-2016-1287 against Cisco ASA devices has been resolved.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 2446815285
  • Windows 64 | Update ID: 2392786644

 


This Rapid7® Nexpose® 6.3.1 release includes:


Coverage for June Patch Tuesday exposures | content

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for June 2016. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for June 2016. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.


Accuracy enhancements | content & product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have added support for single user mode vulnerability checks when systemd is used.
  • We have enhanced the functionality of determining a user's home directory mode on Red Hat Enterprise Linux systems.
  • Cisco ASA targets are now correctly fingerprinted when additional data is appended to the version string.
  • We have increased the accuracy of detecting Cisco IOS releases that are obsolete.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Locally discovered ports using netstat are now available in the user interface on the asset details page. Additionally, reports can be generated by creating a SQL Export Report and running the following SQL query against the Reporting Data Model Version 2.0.2: SELECT * FROM dim_asset_socket_details


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 671556939
  • Windows 64 | Update ID: 2629321643

 


This Rapid7® Nexpose® 6.3.0 release includes:


Dashboards

 

    • Nexpose Dashboards are dynamic scoreboards fed by our advanced exposure analytics and personalized to instantly show what is important, what needs to happen next, and the overall progress of the program, so you know whether you are winning or losing.
    • You can easily build Dashboards to communicate with multiple audiences from IT and compliance to the C-Suite. Customize, re-use and share Dashboards with members of your team and your stakeholders while being assured your existing role-based access controls are honored; share only the information you need to share.


Advanced Exposure Analytics

 

    • Access a library of pre-built analytics that automatically translate decades of attacker and vulnerability assessment knowledge into intelligence that powers the Dashboards and shows you exactly what is important at that moment. Jump start your analysis with role-specific views and time-based comparisons to reduce effort in understanding your weak points.
    • Dynamically drill into live data, expanding your visibility and context in your world. Powerful query, sort and filter abilities are put at your fingertips, allowing you to focus on what matters and reducing the time to get from find to fix.

Dashboards and Advanced Exposure Analytics are exclusively available to users of Nexpose Enterprise or Nexpose Ultimate editions, and are powered by the Rapid7 Insight Platform. There is no additional software to install or hardware to maintain.

For more information and resources on how to opt in and get started with Dashboards and Advanced Exposure Analytics, please see www.rapid7.com/nexpose-now.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • To provide better understanding and clarity, we have updated our terminology for policy overrides.
  • Nexpose now supports installation on Ubuntu 16.04 LTS (Xenial Xerus).


Scanning enhancements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • We have improved scan performance by reducing the time taken to release allocated networking resources related to HTTP(S) connections.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 4077527485
  • Windows 64 | Update ID: 763486537

 


This Rapid7® Nexpose® 6.2.13 release includes:


Accuracy enhancements | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have updated the CVE-2015-4852 vulnerability check to flag WebLogic instances with Oracle's Jan 2016 Patch Set Update (PSU) installed as invulnerable.


Scanning enhancements | content

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • We have addressed a potential scan hang when performing authenticated vulnerability checks on AIX systems.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We updated faulty links to Riskiest Site and Riskiest Asset Group on the Console homepage.
  • We addressed an issue that prevented an administrator from forcing a user to reset their password on the user's next login attempt.
  • We have simplified the management of tags across a large number of assets. Users can now upload a CSV file containing a list of host names and/or IP addresses and ranges and apply a single tag of any type.
  • Assets with host names that contain multiple consecutive hyphens will now be stored and displayed correctly.


Scanning enhancements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • An issue that could cause poor scan performance when an HTTP server response contained no body and left the connection open has been addressed.
  • We have improved scan performance when utilizing SSH for data collection.

Issue coverage | content & product

The following IS numbers have been addressed in this release:

  • IS-1462, IS-6836, IS-6966, IS-6891.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 3359227778
  • Windows 64 | Update ID: 2621734787

 
