Research Release Highlight - Updates to detection for XZ utilities and Curl/libcurl

Summary

Feature and code optimization updates improve detection for XZ utilities and Curl/libcurl for Linux/UNIX and macOS.

Change

Before this update, the plugin that detected XZ utilities on Linux/UNIX (192709) did not detect the product on macOS.

Now, the plugin will detect the product and its vulnerabilities on macOS systems. In addition, due to optimizations added to shared libraries during this update, the plugin that detects Curl and libcurl on Linux/UNIX will be more effective at locating certain installations of that product, such as those that are located in a directory that is symbolically linked.

Impact

Instances of XZ utilities will be detected on macOS systems. A small number of instances of Curl and libcurl that were not detected previously may be detected now. 

New vulnerable instances will trigger vulnerability detection plugins as usual. However, if the same vulnerability was previously detected and fixed on other Linux/UNIX machines, the "First Seen" date for the vulnerability might reflect the earlier detection. This could impact the compliance status of the vulnerability.

Plugins

192709 - Tukaani XZ Utils Installed (Linux / Unix)

182774 - Curl Installed (Linux / Unix)

Target Release Date

June 17, 2024