Nexpose Release Announcements for September 2016

Document created by Jennifer Liou Employee on Sep 1, 2016Last modified by tdoan on Sep 28, 2016
Version 5Show Document
  • View in full screen mode

To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. Product IDs and installer links are added the day of the release. This page contains detailed announcements for the most recent Nexpose coverage releases:


This Rapid7® Nexpose® 6.4 release includes:


New Features

  • Remediation Workflow (Beta) enables you to easily create remediation projects and assign tasks to remediation teams so they know exactly what they have to fix and why. Remediation details are presented in a language that IT teams can understand and provide the prioritization they need to be effective. With Remediation Workflow (Beta), IT, management, and C-suite teams now have the data they need to track the progress of every fix in real-time and validate each fix when it is done. Remediation Workflow (Beta) is available with Nexpose Enterprise and Ultimate. Once you opt in to Nexpose Now, you'll be able to create remediation projects to group together vulnerabilities that need to be remediated. Remediation projects leverage the simple yet powerful filtering capabilities of Nexpose Now Liveboards so that remediators will only see the information relevant to them. With Remediation Workflow, you now have the ability to track the progress of remediation projects across all teams at a glance.
  • Live Monitoring enables you to assess exposures in real-time and easily identify any changes on your network. With Live Monitoring, you can deploy Rapid7 Agents (Beta), which provide visibility into assets under heavy scanning restrictions while virtually eliminating credential management challenges that are typically associated with network-based scanning. Rapid7 Agents (Beta) automatically collect data, which is then seamlessly integrated into Nexpose Now Liveboards so that you can visualize and prioritize risks as they occur. You can monitor the status of your Rapid7 Agents (Beta) from your Nexpose Now Liveboards to identify any discrepancies or errors that require attention.
  • We have added user preferences for notifications. Now you can select the types of notifications you want to see while using the Security Console. The notifications panel will also now auto expand on login if there are any new notifications since the last login. You can configure this in the user preferences under notifications.
  • We have added notifications for updates to improve visibility for the update process. This includes notifications for when new updates are applied and if there are problems updating.
  • The documentation is now available online at https://help.rapid7.com/nexpose/. Links within the Security Console have been updated to point to the online help.


Improvements

  • Policies now have a new user interface that allows you to track your overall compliance position, see which policies are the most and least compliant, and drill into a policy to get detailed results. Each policy has a dedicated page that provides more information, such as assessment results by rule and scanned asset. The new interface also includes an Assets view, which shows you the assets that are the most compliant and least compliant. Like with policies, you can drill into an asset to get more detailed results and go to its dedicated page to get more information, such as policy assessment results, proof for why the rule passed or failed, and remediation steps.
  • Engine selection lists on discovery connection creation pages in administration and site creation are now sorted.
  • The connections list in the site configuration is now sorted by group and connection name.
  • PCI report templates have been updated to reference the relevant sections of PCI DSS v3.2.


Fixes

  • We have addressed a persistent cross-site scripting (XSS) vulnerability in the reports page. Thanks to Dinesh Ponnudurai for discovering this issue.
  • We have resolved an issue where policy scans fail to integrate when there are a large number of policy scans on the console.
  • We have addressed an issue that caused policy rules checking for network connections on Unix-based systems to return an error on certain targets.
  • A solution that referenced an invalid version of PHP has been updated to refer to the appropriate version.
  • A false positive for the PHP vulnerability CVE-2015-4601 has been resolved.
  • The host field for vulnerability syslog alerts has been changed to the address of the engine instead of the scan target.
  • We have addressed an issue where in certain situations the highest certainty fingerprint was not used when multiple fingerprints were found against the same asset.


Recurring Coverage

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 1633910366
  • Windows 64 | Update ID: 3623995213

 

This Rapid7® Nexpose® 6.3.15 release includes:


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • We have addressed an issue preventing proper filtering of vSphere assets by power state.
  • We have addressed an issue preventing proper filtering of Amazon Web Services assets by instance type in some cases.
  • We have addressed an issue where editing values in a custom policy could result in an error in certain situations.


Recurring coverage | content

  New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

 

Product Update IDs

  • Linux 64 | Update ID: 2127721856
  • Windows 64 | Update ID: 1764139474

 

This Rapid7® Nexpose® 6.3.14 release includes:


Coverage for September Patch Tuesday exposures | content

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for September 2016. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for September 2016. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • All users can now view the calendar of scheduled tasks. Previously only Global Administrators had access to the calendar.
  • An issue that could prevent the ARF (Asset Reporting Format) report from generating in specific situations has been resolved.
  • The Security Console Configuration page now loads properly in Internet Explorer 10 and 11.
  • Windows Management Instrumentation (WMI) credentials will now have their status correctly reported
  • You now have the ability to exclude paths from system-wide file searches on Unix systems using the custom property com.rapid7.nexpose.nse.excludedDirs.


Accuracy enhancements | content & product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • We have resolved an issue with Microsoft patch detection where false positives could occur when a Windows component is merged from the General Distribution Release (GDR) stream to the Limited Distribution Release (LDR) stream.
  • When an RDP (Remote Desktop Protocol) service is fingerprinted, the application will now check it for TLS support and enumerate the supported cipher suites.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

  • Linux 64 | Update ID: 291155606
  • Windows 64 | Update ID: 2148556594

This Rapid7® Nexpose® 6.3.13 release includes:

    • Minor improvements to system update functionality.


Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

      • Linux 64 | Update ID: 1315214923
      • Windows 64 | Update ID: 2037146554

This Rapid7® Nexpose® 6.3.12 release includes:


Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

      • We have addressed an issue where Security Consoles with custom policies created launch in Maintenance Mode when adding policy benchmark DISA Windows 10. If you are experiencing this issue, apply the latest product update.
      • You are now able to opt in or out of automatic content updates from the Security Console Configuration page. This allows you to schedule content updates to occur at a certain time, if you want to prioritize Console uptime and network performance over immediate application of new vulnerability checks.
      • We have streamlined the user interface for Saving and Scanning a site, based on user feedback. Users will now be prompted and asked to confirm if they want to scan the site. Users also can choose whether they want to bypass this alert in the future.
      • We have improved Korean translations in the localized Security Console user interface and reports.
      • The last refresh time for a Scan Engine is now correctly updated when an engine is refreshed.
      • The version information for global scan engines is now correctly updated when refreshed.
      • We have fixed an issue where the scanner will not start automatically on boot with systemd when it is installed on a separate partition on certain Linux operating systems.
      • When the communication between the Security Console and remote scan engine becomes corrupted, the Security Console will detect and resolve the issue.


Coverage enhancements | content

New coverage expands your visibility into assets and threats in your environment:

      • We have added a remote vulnerability check for SWEET32 (CVE-2016-2183).


Scanning enhancements | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

      • An issue that could prevent processes spawned by the Windows Update service from terminating during a policy scan has been resolved, for improved performance of policy scans.

 

Recurring coverage | content

New and updated vulnerability checks help protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

 

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

Product Update IDs

      • Linux 64 | Update ID: 1049877677
      • Windows 64 | Update ID: 2190686430

 

2 people found this helpful

Attachments

    Outcomes