Security Updates

The following are security updates included in Tenable Nessus 10.4.1:

• Updated OpenSSL to 3.0.7 to address two high-severity security vulnerabilities.

• Updated the libexpat library to 2.5.0 to address a security vulnerability.

For more information, see the Tenable Product Security Advisory.

Bug Fixes

Bug Fix	Defect ID	Applies to
Increased the Tenable Nessus Manager node update payload size.	01441268	Tenable Nessus Manager

Upgrade Notes

• Tenable Vulnerability Management FedRAMP environments support Tenable Nessus scanners version 8.x and 10.4.0 and later.

• (Automatic upgrades only) If you upgrade Tenable Nessus to a version later than 10.5.0, the Tenable Nessus will first upgrade to 10.5.0 before it upgrades to the desired version.
• You can upgrade to the latest version of Tenable Nessus from any previously supported version.
• If your upgrade path skips versions of Tenable Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
• If you want your scanners to update to the newest version before the GA date automatically, set your Tenable Nessus Update Plan to Opt in to Early Access releases.
• If you want to update your scanners to the latest version before the GA date manually, disable automatic updates so the scanner does not automatically downgrade to the previous version.

• For Tenable Nessus 8.8.0 and later running on Windows, you must install Visual C++ Redistributable for Visual Studio 2015 on the host operating system. The following Windows versions require a minimum Service Pack to be installed:

  • Windows 7 SP1
  • Windows Server 2008 SP2
  • Windows Server 2008 R2 SP1