Virsec Security Platform (VSP) leverages the patented Trusted Execution™ technology to protect high-value enterprise applications deployed in data center or on public and hybrid clouds, from highly sophisticated attacks including memory corruption, code injection, credential theft, supply chain and other sophisticated attacks. VSP effectively creates and enforces guardrails around the application as it executes. These guardrails ensure that applications only perform as intended and restrain bad actors from corrupting memory as a precursor to hijacking control of the application and subsequent stealing or destroying high-value enterprise data.

 

 

DATE OF RELEASEDATE OF RELEASE

 

7/15/2022

FIXESFIXES

 

Defect ID

Description

V2-22745 High Memory Utilization on Windows servers is observed due to vIPC Server Memory Leak
V2-22691 Web provisioning fails on containers
V2-22685 Legitimate process is BLOCKED after switching to Protect Mode

V2-22683

LDAP User authentication fails when BindDN user account (used for LDAP auth) is in a user directory that is different from BaseDN

V2-22666 Partial Probes get exported from CMS console probe page when all probes are selected during export

V2-22665

False Positives incidents reported for SQL Injection

V2-22638

LDAP user is unable to access CMS console if the default role is set to none

V2-22578

CMS is not running as the Disk space is full without any log limit configuration

V2-22550

vsysi driver installation fails when secure boot is enabled on a target Linux machine

V2-22513

MS Exchange Server does not report incidents for attacks against the OWA application

V2-22410

Probe export list file contains incorrect information

SUPP-306

Unable to switch 2.3.6 custom MS Exchange build to Protect mode

SUPP-279

RXSS for internal IPs and False positive SQLi incidents reported

SUPP-273

IBM and IIS servers are absent in the compatibility Matrix but are featured in the installation docs

SUPP-261

LDAP User authentication fails when BindDN user account (used for LDAP auth) is in a user directory that is different from BaseDN

SUPP-257

VSP Documentation: Incident email subscription documentation to be added

SUPP-250

FSM agent fails to create file event and report it to CMS (except file removed event)

SUPP-197

Issue encountered during uninstallation of VSP probe on RHEL 7.8 server

Table – VSP 2.3.7 Fixes 

KNOWN ISSUESKNOWN ISSUES

 

Category

Description

Known Issue/ Caveat

Host Monitoring

Windows library issue

In Windows, VSP host monitoring does not suspend already running processes that have non-whitelisted libraries loaded into it

Known Issue

Linux HMM agent limitation

In Linux, VSP host monitoring injects its own HMM agent into every running process. The HMM agent expects a specific version of glibc. If the application loads its own custom glibc version that is not compatible with the HMM agent, the HMM agent may not load correctly causing some application issues

Limitation

Windows application execution inconsistency

In Windows, an application can be started with or without its .exe extension. Since VSP host monitoring analyzes the commandline as is, running python.exe vs python may result in different detections

Limitation

Table – Known Issues