May 12, 2021
This release includes Microsoft Patch Tuesday coverage for May, updated policy content, and a new check for CVE-2021-21551.
New
- Microsoft Patch Tuesday coverage: This release includes updated scan coverage for May 2021. Check out our blog post for details.
Customer Requested
- New vulnerability content: We added an authenticated check for CVE-2021-21551 , an insufficient access control vulnerability affecting a Dell Client firmware update driver.
Improved
- Improved SSH credential status reporting: The Security Console interface and scan logs will now show an overall Failed status for SSH credentials if included permission elevation settings were unsuccessful during a scan. This change replaces the original behavior where successful SSH authentication would produce a Success status even if a subsequent attempt to elevate permissions failed.
- Improved Scan Engine SSH support: The Scan Engine can now connect to SSH endpoints using the
chacha20-poly1305@openssh.comcipher. - Updated Center for Internet Security (CIS) policies: We updated the following CIS policies:
- Microsoft Windows Server 2019, version 1.2.0
- Apple macOS 10.14, version 1.3.0
- Apple macOS 10.15, version 1.3.0
Fixed
- We fixed an error that could occur when trying to log information about files with incomplete path data when enhanced logging was enabled.
- We fixed an issue that was causing false positive results for several rules in our DISA STIG Windows 2019 Server policy.
- We fixed false positives for CVE-2021-24111 on Windows 10 systems that have KB4601094 installed.
- We fixed multiple CIS Windows policies that were producing incorrect results when collecting
HKEY_USERSregistry keys.