New
Customer Requested
- New Microsoft Edge policy: We added a new Center for Internet Security (CIS) policy that provides coverage for Microsoft Edge.
Improved
Customer Requested
- Find where Firefox is installed: Proofs for Mozilla Firefox vulnerabilities will now contain the installation path where Firefox was found on the asset.
- Updated Defense Information Systems Agency (DISA) policies: We updated the following DISA benchmarks:
- RHEL 8 - version 1, release 1
- Mozilla Firefox STIG for RHEL - version 5, release 2
- Mozilla Firefox STIG for Windows - version 5, release 2
- Updated Ubuntu Linux policy: We updated our Center for Internet Security (CIS) Ubuntu Linux 20.04 LTS policy to version 1.1.0.
Fixed
- We fixed an issue that prevented vulnerability Real Risk scores from recalculating when the vulnerability received an updated CVSSv2 vector. Going forward, content updates that assign a new CVSSv2 vector to a vulnerability will trigger a Real Risk recalculation as expected.
- In-progress data warehouse exports that freeze or take too long to complete will now cancel automatically so that future exports can run without requiring a Security Console restart.
- Security Console user accounts that do not have permission to access all assets in an asset group can now run ad hoc scans on the individual asset members they do have access to as long as the user account also has access to the site.
- We fixed an issue that allowed password manager features and extensions in web browsers to populate some unrelated Security Console form fields with values stored by the password manager.