New update includes a new scanning algorithm, support for Spring Framework and new vulnerability checks for Ruby on Rails, Jira, Apache Tapestry, Golang, vBulletin, and others

Acunetix version 12 (build 12.0.191121158) has been released.

This new build introduces a new scanning algorithm that removes redundant scanning tasks. In addition, the scanning tasks are prioritized in a way that gives dissimilar locations higher scanning priority, improving the time to detect dissimilar vulnerabilities. The latest Acunetix update adds a good number of important vulnerability checks and includes various updates and fixes, which are available for all editions of Acunetix.

Here is the full set of updates:

New Features

  • New scanning algorithm resulting in faster scans
  • The scanner will give higher priority to locations that are dissimilar to ones that have already been scanned
  • JAVA AcuSensor now supports the JAVA Spring Framework

New Vulnerability Checks

Updates

  • Deepscan is now caching static assets; this will result in faster scans
  • Improved memory consumption by the scanner
  • Improved processing of forms and form handling
  • Improved detection of paths
  • The scanner will now process commented-out HTML
  • Updated command injection payloads

Fixes

  • Fixed scanner crash
  • Fixed WAF detection false positive
  • Fixed: Check for sensitive files was accessing restricted links
  • Fixed issue causing the scanner to multi-line session validation pattern
  • Fixed: Some locations were incorrectly detected by DeepScan
  • Fixed issue causing integrated LSR to close due to ad blocking
  • Fixed issue with HAR import files
  • Fixed issue in the detection of weak authentication credentials
  • Fixed issue affecting the detection of DOM XSS vulnerabilities
  • Fixed issue in the detection of a possible username and password disclosure
  • Fixed issue with recording restricted links in Internet Explorer
  • Fixed: Tech admin can now configure the engine to be used for a target
  • Fixed issue affecting scanning of domains with international characters

Upgrade to the latest build

If you are already using Acunetix v12, you can initiate the automatic upgrade from the new build notification in the Acunetix UI > Settings page.

If you are using a previous version of Acunetix, you need to download Acunetix version 12 from here. Use your Acunetix License Key to download and activate your product.

Share this post
Nicky SciberrasNicholas Sciberras Chief Technical Officer
LinkedIn: https://www.linkedin.com/in/nicholas-sciberras/

As the CTO at Acunetix, Nicholas is passionate about IT security and technology at large. Prior to joining Acunetix in 2012, Nicholas spent 12 years at GFI Software, where he managed the email security and anti-spam product lines, led multiple customer service teams and provided technical training.