A new Acunetix update has been released for Windows, Linux, and macOS: 14.1.210316110.

This Acunetix update introduces web asset discovery, allowing Acunetix users to easily identify web assets, which might have been forgotten and which belong to their organization. In addition, the Acunetix UI now features a new FQDN page, making it easier to identify all the licensed targets, and the multi-engine configuration is now easier than ever thanks to a number of enhancements. This update includes a number of important vulnerability checks for well-known applications, numerous updates, and fixes, all of which are available for all editions of Acunetix.

New Features

  • Web asset discovery, allowing users to discover domains related to their organization or web assets already configured in Acunetix
  • A new page showing all the target FQDNs that consume a target license

New Vulnerability Checks

Updates

  • Acunetix updated to fully support NTLM Authentication for proxy authentication
  • Multiple LSR/BLR and DeepScan updates and fixes
  • Updated Chromium to v88.0.4298.0
  • Updated Postgres database to v13.2
  • The Engines page has been updated to show the following:
    • Status (online or otherwise) for each engine
    • The build number for each engine
    • Any license issues are reported as part of the status for each engine
  • Multi-engine setups will start to automatically update the engine-only installations when the main installation is updated
  • The UI will reload after Acunetix is upgraded
  • The WAF Export button renamed to Export to, and the feature has been added to the Scans page
  • Multiple updates to the Comprehensive report
  • Proxy settings can now be specified for each issue tracker
  • Updated JavaScript library audit check to cover libraries not hosted on the scanned target
  • Users can now be created from the API
  • Updated CORS check

Fixes

  • Fixed a bug in the Vulnerabilities in SharePoint could allow elevation of privilege check
  • Fixed an issue causing a check for updates to occasionally fail on macOS
  • Fixed an issue causing DOM XSS sink to not always be shown in the code extract displayed in the alert
  • Fixed an issue resulting from using a custom collection in a TFS issue tracker configuration
  • Fixed an issue in the WordPress XML-RPC pingback abuse check
  • Fixed the DeepScan crash issue
  • Fixed a false positive in the broken link hijacking check
  • The vulnerability CSV export now includes the URL where the vulnerability was detected

Upgrade to the Latest Build

This update includes upgrades to the Postgres database. Windows users can initiate the automatic upgrade from the new build notification in the Acunetix UI > About page. Linux and macOS users will need to download Acunetix from here and upgrade manually. Use your Acunetix license key to download and activate your product.

You can find more information on how to upgrade to Acunetix v14 here.

SHARE THIS POST
THE AUTHOR
Nicholas Sciberras
Chief Technical Officer
As the CTO at Acunetix, Nicholas is passionate about IT security and technology at large. Prior to joining Acunetix in 2012, Nicholas spent 12 years at GFI Software, where he managed the email security and anti-spam product lines, led multiple customer service teams and provided technical training.