Skip to main content

Mondoo 10.10 is out!

ยท 3 min read
Tim Smith
Mondoo Core Team

๐Ÿฅณ Mondoo 10.10 is out! This release includes XZ Utils vulnerability detection, expanded AWS asset inventory, and more!โ€‹

Get this release: Installation Docs | Package Downloads | Docker Container

๐ŸŽ‰ NEW FEATURESโ€‹

XZ Utils Vulnerability policyโ€‹

The recent XZ supply chain attack in XZ 5.6.0 and 5.6.1 (CVE-2024โ€“3094) thankfully didn't make it into any mainstream enterprise Linux distributions. There's still a significant risk if employees are running rolling distributions or pre-releases of upcoming Linux distros. To quickly evaluate your CVE-2024โ€“3094 exposure, we've created a new XZ Vulnerability (CVE-2024โ€“3094) policy that looks for XZ 5.6.0/5.6.1 on impacted Linux releases:

  • Alpine
  • Arch
  • Debian trixie/sid
  • Fedora 40
  • Kali 2024.1
  • openSUSE Tumbleweed

XZ Vulnerability Policy affected assets

๐Ÿงน IMPROVEMENTSโ€‹

Improved AWS asset overview informationโ€‹

Get the context you need to resolve security findings quickly with expanded overview information on AWS assets:

  • Volume size on EBS volumes and snapshots
  • Database engine version on RDS instances
  • Storage size and type on RDS instances
  • Table size on DynamoDB tables
  • Retention time on CloudWatch log groups

RDS instance with expanded asset overview

Expanded Endpoint Detection and Response policy supportโ€‹

Detect the ESET EDR in the Endpoint Detection and Response (EDR) policy.

New Terraform checks in CIS GCP Foundation policyโ€‹

Flag critical security misconfigurations before they ever run in your infrastructure with expanded Terraform config checks in the CIS Google Cloud Platform Foundation policy. New checks evaluate Terraform configs for proper GCP uniform bucket level access setup.

Fedora 40 EOL/CVE detectionโ€‹

The Fedora 40 beta is now available for testing, and Mondoo is ready with CVE and EOL detection for this upcoming Linux release. Keep your test systems safe from critical vulnerabilities such as the compromised XZ release (CVE-2024โ€“3094) that originally shipped in this beta.

Resource improvementsโ€‹

aws.autoscaling.groupsโ€‹

  • Improve resource default values
  • New availabilityZones field
  • New capacityRebalance field
  • New defaultInstanceWarmup field
  • New desiredCapacity field
  • New instances field
  • New maxInstanceLifetime field

aws.cloudfront.distributionsโ€‹

  • New cnames field

๐Ÿ› BUG FIXES AND UPDATESโ€‹

  • Improve performance of AWS cloud detection.
  • Fix Windows policies with multi-language support to rely on the system language instead of the locale.
  • Simplify the Linux server installation instructions.
  • Support vulnerability scanning of RPMs with a ^ symbol in the name.
  • Update additional CIS GCP Foundations checks to work against Terraform configs.
  • Fix the CIS VMware ESXi 6.7 Benchmark - Corporate/Enterprise Environment policy to only apply to VMware 6.