Virsec Security Platform (VSP) leverages the patented Trusted Execution™ technology to protect high-value enterprise applications deployed in data center or on public and hybrid clouds, from highly sophisticated attacks including memory corruption, code injection, credential theft, supply chain and other sophisticated attacks. VSP effectively creates and enforces guardrails around the application as it executes. These guardrails ensure that applications only perform as intended and restrain bad actors from corrupting memory as a precursor to hijacking control of the application and subsequent stealing or destroying high-value enterprise data.
DATE OF RELEASEDATE OF RELEASE
6/3/2022
FIXESFIXES
Defect ID |
Description |
V2-22558 | Expired certificate of any application (EXE) execution does not block (in protect mode) when its publisher is whitelisted in CMS publisher list |
V2-22513 |
MS Exchange Server does not report incidents for attacks against the OWA application |
V2-22476 | Maintenance mode adds files to the local whitelist incorrectly |
V2-22466 |
Unable to delete disconnected (previously associated) probe |
V2-22460 |
AE component (vrule_run.sh) of probe is not started |
V2-22459 |
For an eWAF based application setup, Provisioning takes more than 5 minutes to attain Normal state |
V2-22457 |
UI for Web Services shows IIS but not supported in Compatibility Matrix |
SUPP-214 |
Probe auto-association to a profile using host-profile-tag is failing |
SUPP-203 |
CI and CD tools use images from internal Artifactory |
SUPP-168 |
After Maintenance mode, some dlls gets blocked |
Table – VSP 2.3.6 Fixes
KNOWN ISSUESKNOWN ISSUES
Category |
Description |
Known Issue/ Caveat |
Host Monitoring |
||
Windows library issue |
In Windows, VSP host monitoring does not suspend already running processes that have non-whitelisted libraries loaded into it |
Known Issue |
Linux HMM agent limitation |
In Linux, VSP host monitoring injects its own HMM agent into every running process. The HMM agent expects a specific version of glibc. If the application loads its own custom glibc version that is not compatible with the HMM agent, the HMM agent may not load correctly causing some application issues |
Limitation |
Windows application execution inconsistency |
In Windows, an application can be started with or without its .exe extension. Since VSP host monitoring analyzes the commandline as is, running python.exe vs python may result in different detections |
Limitation |
Table – Known Issues