Software Vulnerability Manager 2018 R5 (On-Premises Edition)

Release Notes

October 2018

Introduction

Flexera’s Software Vulnerability Manager 2018 is a Vulnerability and Patch Management Software Solution that facilitates a customized Patch Management process. It combines Vulnerability Intelligence, Vulnerability Scanning, and Patch Creation with Patch Deployment Tool Integration to enable targeted, reliable, and cost-efficient Patch Management.

Vulnerability and Patch Management are critical components of any security infrastructure because it enables proactive detection and remediation of vulnerabilities before they are actively exploited and your security compromised. With Software Vulnerability Manager 2018, IT Operations and Security Teams are empowered to prevent vulnerability threats from both Microsoft and non-Microsoft (third-party) product vulnerabilities, covering Microsoft Windows, Mac OS, and Red Hat Enterprise Linux.

Software Vulnerability Manager 2018 integrates seamlessly with Microsoft® WSUS and System Center Configuration Manager.

New Features and Enhancements

Software Vulnerability Manager 2018 R5 (On-Premises Edition) includes the following new features and enhancements:

Microsoft Office 365 detection
Ability to use database configured with custom ports
Reduce agent traffic to server for better performance
Detect missing security updates from Microsoft System Center
Include --delete-all-settings for Mac agents
Mac agents to use lower priority background thread

Note • To see the following new features and enhancements in your Software Vulnerability Manager 2018 interface, you must refresh your browser’s cache.

Microsoft Office 365 detection

Due to a change in how Microsoft identifies Office 365 patches, we have made a new change to server logic to accommodate this scenario. You may notice additional vulnerability detections for Office 365 as a result in this release (CSIL- 8757).

Ability to use database configured with custom ports

Software Vulnerability Manager 2018 can now work with a database installed on non-default port (CSIL-4005). This can be configured by running installationProcess.sh script (CSIL-8777).

Reduce agent traffic to server for better performance

To address server high CPU usage during high volume of scan data, the following enhancements have been added to this release.

Previously after uploading data to server, the agent used to poll the server for a status of the scan process. When the server is handling a high volume, such polling translates to higher traffic. Agent polling was intended for debugging purposes only and is not needed for core functionality. As a result, this has been switched off by default. You have the ability to turn this feature ON or OFF on the settings page (CSIL-8896).

New Agent code has been enhanced to include a logic to determine if the scan data being uploaded to the server is the same as the prior scan. If it is, then the agent does not upload the data to the server, thereby decreasing traffic on the server. On the server side, this logic is turned off by default and is only recommended to be turned on for situations where clients are doing daily scans, Live Update is enabled, and the host machines are relatively stable in terms of software installed on them. Server logic can be further tuned with parameter SKIP_ON_SAME_SCAN_HASH in config.ini which controls the number of scans after which the agent is required to send a full scan data to the server. By default, the value of this parameter is zero. Setting it to a number greater than zero will enable this feature (CSIL -8833).

Detect missing security updates from Microsoft System Center

With this release, agents can be configured to include security updates from SCCM in the scan data. This feature can be used along with existing missing security update collection or as only source for missing knowledge base information (CSIL- 8777).

Include --delete-all-settings for Mac agents

The new Mac agent include has --delete-all-settings parameter that will wipe out all information including GUID from the system to ensure its clean to accommodate new installation (CSIL- 8788).

Mac agents to use lower priority background thread

New mac agent will now use lower priority background threads to ensure minimum impact to a host's running applications (CSIL- 8794).

Resolved Issues

Software Vulnerability Manager 2018 R5 (On-Premises Edition) has resolved the following issues:

Ensure my.cnf is not modified during upgrades
Windows 10 host now reports operating system accurately

Ensure my.cnf is not modified during upgrades

Installation process has been modified to verify if user wants to modify my.cnf file during upgrades (CSIL-8771).

Windows 10 host now reports operating system accurately

On 64-bit system, Windows 10 hosts were reporting OS name incorrectly as Enterprise Edition. This has been corrected (CSIL-8779).

Product Feedback

Have a suggestion for how we can improve this product? Please come share direct feedback with the product team and vote on ideas submitted by other users in our online community at https://flexeracommunity.force.com/customer/ideas/ideaList.apexp.

System Requirements

To use the Software Vulnerability Manager 2018 console, your system should meet the following requirements:

Minimum resolution: 1280x1024
Internet Explorer 11 or higher (Scan results can also be viewed from other browsers)
Internet connection capable of connecting to http(s)://csi_server_name/.
The http(s)://csi_server_name/ should be white-listed in the Firewall/Proxy configuration
First-Party cookie settings at least to Prompt (in Internet Explorer)
Allow session cookies
A PDF reader

Legal Information

Copyright Notice

Copyright © 2018 Flexera.

This publication contains proprietary and confidential information and creative works owned by Flexera and its licensors, if any. Any use, copying, publication, distribution, display, modification, or transmission of such publication in whole or in part in any form or by any means without the prior express written permission of Flexera is strictly prohibited. Except where expressly provided by Flexera in writing, possession of this publication shall not be construed to confer any license or rights under any Flexera intellectual property rights, whether by estoppel, implication, or otherwise.

All copies of the technology and related information, if allowed by Flexera, must display this notice of copyright and ownership in full.

Intellectual Property

For a list of trademarks and patents that are owned by Flexera, see https://www.flexera.com/producer/company/about/intellectual-property/. All other brand and product names mentioned in Flexera products, product documentation, and marketing materials are the trademarks and registered trademarks of their respective owners.

Restricted Rights Legend

The Software is commercial computer software. If the user or licensee of the Software is an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Software, or any related documentation of any kind, including technical data and manuals, is restricted by a license agreement or by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. The Software was developed fully at private expense. All other use is prohibited.

Disclaimer

Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. The provision of such information does not represent any commitment on the part of Flexera. Flexera makes no warranty of any kind with regard to this material, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Flexera shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.

The software described in this document is furnished by Flexera under a license agreement. The software may be used only in accordance with the terms of that license agreement. It is against the law to copy or use the software, except as specifically allowed in the license agreement. No part of this document may be reproduced or retransmitted in any form or by any means, whether electronically or mechanically, including, but not limited to: photocopying, recording, or information recording and retrieval systems, for any purpose other than the purchaser’s personal use, without the express, prior, written permission of Flexera.