New
- Microsoft Patch Tuesday coverage. This release includes new Microsoft Patch Tuesday content for updated scan coverage for February 2025. Check out our blog post for details.
- Vulnerability coverage. We added recurring vulnerability coverage for the following software:
- Apache OFBiz
- Cisco Firepower
- JetBrains IntelliJ
- Photon OS
- Zimbra Collaboration
- Zoho ManageEngine ADAudit Plus
- Zoho ManageEngine ADSelfService Plus
- Zoho ManageEngine Password Manager Pro
- Zoho ManageEngine ServiceDesk Plus
- Zoho ManageEngine ServiceDesk Plus MSP
Improved
- Security improvements. As part of Rapid7's ongoing efforts to enhance our security posture, we've upgraded the Security Console's encryption protocols. Customers with FIPS mode enabled must ensure their scan engines are updated to version 6.6.274 at a minimum (released on October 16, 2024) before applying this upgrade to maintain functionality. For customers who do not have FIPS mode enabled, no action is required.
- CIS Ubuntu benchmark. We updated our built-in content for CIS Ubuntu 22.04 benchmark to the latest version 2.0.0.
Fixed
- We resolved an issue where CyberArk managed credentials would fail to display certain attributes after saving.
- We resolved an issue in the console report for Top Policy Remediations with Details. In some cases, the list of rules to remediate was different than the rules in the details about remediations. The two sections now have the same rules.
- We resolved an issue that caused vulnerabilities on an asset to be assigned to a non-existent NIC when the asset didn't have a NIC assigned. This had the potential effect of vulnerabilities on those assets not being included in remediation.
- We resolved an issue that caused the scan engine to use 100% of the CPU when idle.