News You Need

Tenable is thrilled to announce the general availability of enhanced Tenable Vulnerability Priority Rating (VPR) in the new Explore views and the Vulnerability Intelligence section within Tenable Vulnerability Management. These updates enable you to: Sharpen precision to focus on what matters most: While traditional CVSS scores classify 60% of CVEs as High or Critical, our original VPR reduced this to 3%. The enhanced VPR further refines this, helping your teams focus on just 1.6% of vulnerabilities that represent actual risk to your business by leveraging an even broader spectrum of threat intelligence and real-time data input used to predict near-term exploitation in the wild. Unlock AI-driven insights and explainability: Our new LLM-powered insights deliver instant clarity, helping you quickly understand why an exposure matters, how it has been weaponized by threat actors, and providing clear, actionable guidance for mitigation and risk reduction. See Vulnerability Intelligence for more information. Prioritize with industry and regional context: New metadata provides crucial context, helping you understand if a vulnerability is being targeted in your specific industry or geographic region. Leverage advanced querying & filtering: The enhanced VPR model is easily accessible for filtering and querying in the new Explore views, enabling faster investigations and response workflows. Original VPR and the enhanced VPR ('VPR (Beta)') scores will coexist for a period of time in Tenable Vulnerability Management. Future deprecation of the original VPR will be communicated in advance.

Finalizing the installation of Tenable OT Security and Tenable OT Security Enterprise Manager upgrades is now blocked if there are upgrades that require a reboot to take effect. Rebooting the system (when it is safe to do so) is required to allow the upgrade to finalize. Visiting the Nessus page in the Tenable Core user interface no longer logs an error in the system log about failing to find the version of Docker. Various user interface and styling improvements to the Nessus page in the Tenable Core user interface.

Tenable is pleased to announce the release of Tenable Patch Management 9.3.968.19, featuring major feature upgrades, new database server requirements, quality improvements, critical security, and bug fixes across the platform. Tenable strongly recommends upgrading to 9.3.968.19.Key Release Highlights Cross Platform Installation Enhancements Cross platform installers now support runtime parameters instead of updating and distributing a config file, allowing installations with switches similar to the Windows installer. Please refer to Tenable Patch Client Installation and Uninstallation in the official documentation for detailed instructions. New Client Auto-Upgrade Feature New auto-upgrade process has been developed to get clients up to the version of the server. This will work for all 9.3+ clients. Previous versions will need to use the old process to get clients to 9.3. The old process of auto-upgrade on Windows client will be deprecated in a future release. Please refer to the Upgrade Tenable Patch Clients Using Automatic Deployments in the official documentation for detailed instructions. Minimum Version of SQL Server Changed Minimum SQL Server version has changed. SQL Server must be at least SQL Server 2017. Also, the Adaptiva database compatibility level should be 140 or higher. Tenable recommends that SQL Server 2019 or later be used with compatibility level 150 or higher. Please refer to the Database Requirements and Configurations in the official documentation. Fix for Missing DLL Causing Dell Driver Installation Failures Resolves an issue where Dell drivers failed to install and Compliance Status showed "Non-Compliant" on Clients running Tenable Patch Management 9.2.XXX due to a missing DLL. The update in this release restores the required DLL, ensuring proper functionality for new installations going forward. Please note: Upgraded clients from version 9.1 or 9.0 do include this DLL and will not experience the issue. Resolved SQL Injection Vulnerability found in Tenable Server 9.1, 9.2, and Prior Versions Fixed a SQL injection vulnerability in the login process affecting versions prior to 9.2.XXX, 9.1.XXX, and prior versions. The issue was resolved by implementing parameterized queries. Therefore, Tenable strongly recommends upgrading to 9.3.968.19. See the related Tenable Security Advisory here. Microsoft 365 Patching in Tenable Patch Native Patching Support for the following versions of Microsoft Office: Microsoft 365 Office 2024 LTS Office 2024 Office 2021 Office 2019 (EOL scheduled for Oct 2025) Office 2016 (EOL scheduled for Oct 2025) Visio and Project, starting with version 2021 Fully integrated support for all updates that are released by Microsoft for the above products in Tenable Patch. No more manual blob generation or content packaging. Just select and deploy. Delta Updates = Smaller, Smarter Patching instead of downloading full 3GB updates for each language, Tenable Patch distributes monthly delta updates (30–50 MB), reducing bandwidth usage by up to 95%.