Tenable says prospects should manually improve their software program to revive Nessus vulnerability scanner brokers taken offline on December thirty first because of buggy differential plugin updates.
Because the cybersecurity firm acknowledged in an incident report issued after pausing plugin updates to stop the difficulty from impacting much more methods, the brokers went offline “for sure customers on all websites.”
This ongoing incident impacts methods up to date to Nessus Agent variations 10.8.0 and 10.8.1 throughout the Americas, Europe, and Asia. Tenable has since pulled the dangerous variations and launched Nessus Agent model 10.8.2 to repair the difficulty inflicting brokers to close down.
In essentially the most current replace on their standing web page, Tenable stated they plan to renew the plugin feed by the tip of the day to permit plugin downloads once more.
“There’s a recognized situation which might trigger Tenable Nessus Agent 10.8.0 and 10.8.1 to go offline when a differential plugin replace is triggered. To forestall such a difficulty, Tenable has disabled plugin feed updates for these two agent variations. Moreover, Tenable has disabled the ten.8.0 and 10.8.1 variations to stop additional points,” Tenable says within the Nessus Agent 10.8.2 launch notes.
Handbook upgrades required to convey brokers again on-line
Affected prospects should improve to agent model 10.8.2 or downgrade to 10.7.3 to convey their Nessus brokers again on-line, however a plugin reset can be required to get well offline brokers if agent profiles are used for upgrades or downgrades.
“To repair the above situation, all Tenable Vulnerability Administration and Tenable Safety Middle prospects working Tenable Nessus Agent model 10.8.0 or 10.8.1 should both improve to agent model 10.8.2 or downgrade to 10.7.3. In case you are utilizing agent profiles for agent upgrades or downgrades, you will need to carry out a separate plugin reset to get well any offline brokers,” the corporate added.
Nevertheless, fixing the difficulty requires manually upgrading the brokers utilizing the Tenable Nessus Agent 10.8.2 set up package deal and, the place wanted, first resetting agent plugins both utilizing a script (shared within the launch notes) or a nessuscli reset command.
In July 2024, a comparable incident with a way more vital affect, triggered by a defective CrowdStrike Falcon replace, induced widespread outages that affected many organizations and companies worldwide, together with banks, airways, airports, TV stations, and hospitals.
The CrowdStrike glitched replace took down total firms and fleets of tons of of 1000’s of units by crashing Home windows methods worldwide with blue display screen of demise (BSOD) errors.
