New

• We added a remote check for CVE-2020-10189, an unauthenticated remote code execution vulnerability affecting ManageEngine Desktop Central. See ManageEngine's Security Update for more information on this vulnerability.
• Microsoft Patch Tuesday coverage: This release includes updated scan coverage for March 2020.
• Center for Internet Security (CIS) Policy Content - We updated three existing Microsoft SQL Server CIS policies and added a new one:
  • Updated
  • Microsoft SQL Server 2008 (v1.6.0)
  • Microsoft SQL Server 2012 (v1.5.0)
  • Microsoft SQL Server 2014 (v1.4.0)
  • New
  • Microsoft SQL Server 2019 (v1.0.0)

Improvements

• We released support for Docker Trusted Registry in our container security feature. See our Container Registry Sync page in Docker Hub for instructions on how to deploy this app.
• We improved the performance of policy checks that query Windows users. This change will significantly reduce scan times on systems with a large number of users and user groups.

Fixes

• We fixed an issue where Security Console backups created from a PostgreSQL 11.7 database would incorrectly show 9.0 as the PostgreSQL version number.
• We reduced the memory impact of tagging individual assets. This alleviates memory usage issues on the Security Console caused by mass tagging operations using the API.
• We fixed an issue affecting the Scan Engine that could cause inaccurate vulnerability assessments of installed RPM packages on Linux assets.