Virsec Security Platform (VSP) leverages the patented Trusted Execution™ technology to protect high-value enterprise applications deployed in data center or on public and hybrid clouds, from highly sophisticated attacks including memory corruption, code injection, credential theft, supply chain and other sophisticated attacks. VSP effectively creates and enforces guardrails around the application as it executes. These guardrails ensure that applications only perform as intended and restrain bad actors from corrupting memory as a precursor to hijacking control of the application and subsequent stealing or destroying high-value enterprise data.

 

 

DATE OF RELEASEDATE OF RELEASE

 

6/3/2022

FIXESFIXES

 

Defect ID

Description

V2-22558 Expired certificate of any application (EXE) execution does not block (in protect mode) when its publisher is whitelisted in CMS publisher list

V2-22513

MS Exchange Server does not report incidents for attacks against the OWA application

V2-22476 Maintenance mode adds files to the local whitelist incorrectly

V2-22466

Unable to delete disconnected (previously associated) probe

V2-22460

AE component (vrule_run.sh) of probe is not started

V2-22459

For an eWAF based application setup, Provisioning takes more than 5 minutes to attain Normal state

V2-22457

UI for Web Services shows IIS but not supported in Compatibility Matrix

SUPP-214

Probe auto-association to a profile using host-profile-tag is failing

SUPP-203

CI and CD tools use images from internal Artifactory

SUPP-168

After Maintenance mode, some dlls gets blocked

Table – VSP 2.3.6 Fixes 

KNOWN ISSUESKNOWN ISSUES

 

Category

Description

Known Issue/ Caveat

Host Monitoring

Windows library issue

In Windows, VSP host monitoring does not suspend already running processes that have non-whitelisted libraries loaded into it

Known Issue

Linux HMM agent limitation

In Linux, VSP host monitoring injects its own HMM agent into every running process. The HMM agent expects a specific version of glibc. If the application loads its own custom glibc version that is not compatible with the HMM agent, the HMM agent may not load correctly causing some application issues

Limitation

Windows application execution inconsistency

In Windows, an application can be started with or without its .exe extension. Since VSP host monitoring analyzes the commandline as is, running python.exe vs python may result in different detections

Limitation

Table – Known Issues