Index

Oct 28, 2020

We now support recurring vulnerability coverage for Pulse Connect Secure, and we released a few improvements and fixes.

New

Customer Requested

New automated vulnerability content: We now support recurring vulnerability coverage for Pulse Connect Secure. This coverage requires configuring web site form credentials to authenticate to the /admin page of the Pulse Connect Secure server.

Customer Requested

Enhanced policy search: The Policies table in the Security Console now features a search option for custom policies. Prepend your search term with custom:true to limit the results to only those policies that you’ve already customized. For example, searching for custom:true windows 2016 will only return custom policies for operating systems that match the windows 2016 search string.

Customer Requested

Improved Telerik UI vulnerability coverage: We updated our existing Telerik UI for ASP.NET authenticated vulnerability checks so they are no longer considered potential checks. In addition, we also added new remote checks for CVE-2017-11317 and CVE-2019-18935.

UUID support for Windows VMs in Azure: Following up with our Linux VM UUID assertion capability shipped in product version 6.6.49, the Scan Engine can now also assert the VM ID for Windows VMs in Azure as the UUID for the asset when its scan data gets integrated into the Security Console.

We updated the description for the Remediation Project-related permission in the Security Console to match what the permission allows.
APIv3 no longer requires a populated name field for each enumerated user account on an asset.
We fixed an issue that prevented the Export to CSV function for Remediation Projects from working when the Open tab was selected.
We fixed an issue that could occasionally cause simultaneous scans to fail.
We updated our checks for the Windows Defender vulnerabilities CVE-2020-1163 and CVE-2020-1170 to resolve false positives caused by a changed file location.