Skip to main content

Mondoo 5.37.0 is out!

ยท 3 min read
Tim Smith
Mondoo Core Team

๐Ÿฅณ Mondoo 5.37.0 is out. This release's big features: Windows, Windows, and more Windows! Updated CIS benchmarks, expanded vulnerability scanning, and much more.

Get this release: Installation Docs | Package Downloads | Docker Container

๐ŸŽ‰ NEW FEATURESโ€‹

Expanded Windows Platform Supportโ€‹

New and Updated CIS Benchmarks

New CIS Windows 11 and Windows 2022 benchmarks version 1.0 are available in the Mondoo Policy Hub. We've also updated our existing CIS benchmarks for Windows to the latest CIS releases:

  • Windows 2016 updated to 1.3.0
  • Windows 2019 updated to 1.3.0
  • Windows 10 updated to 1.12.0

Windows 10 and 11 Security Advisories

The Mondoo Platform Vulnerability Policy now includes security advisory and CVE reporting for Windows 10 and 11. We've also made improvements to ensure that systems with many security advisories correctly report the complete set.

Unpatched Windows 10 Scan

Windows 10 and 11 Platform EOL Dates

The Mondoo Platform End-of-Life Policy includes EOL data for Windows 10 and 11.

Non-EOL Windows 10 Scan

Kubernetes Deployment Scans

The Mondoo Kubernetes operator's admission controller now includes full scanning of each Kubernetes deployment and pod. With the admission controller enabled, these scans will show up in the fleet view. See the mondoo-operator repo for more details. Stay tuned for a guided operator setup and improved UI experience coming soon.

๐Ÿงน IMPROVEMENTSโ€‹

New ssh-host-key id-detector

You can now identify the system you're scanning through the ssh-host-key with the --id-detector CLI flag.

mondoo scan --id-detector ssh-host-key

New Ubuntu Security Advisory Data

The Mondoo Platform Vulnerability Policy now includes security advisory data for Ubuntu 22.04 and the upcoming Ubuntu 22.10 release.

New UI Color Theme

The Mondoo CLI output has a new color theme to better match the output you see in the Mondoo Console.

Improved Output in Kubernetes Application Benchmark

The output in the Kubernetes Application Benchmark by Mondoo now displays the pod name and namespace in the query output. With this information, you can trace vulnerable pods back to their manifests.

Pop!_OS Support

Mondoo now detects and scans the Pop!_OS Linux distribution by System76.

๐Ÿ› BUGFIXESโ€‹

  • Fix loading of id-detector config option for mondoo scan
  • Fix handling of non-existing registry keys on Windows
  • Fix several detection errors in Mondoo Security Baseline policies:
    • Improve reliability of Auditd state to prevent errors checking state
    • Don't fail when /etc/group- doesn't exist on a system
    • Add a new query on Windows hosts to make sure users don't have the privilege to attach debuggers