In a significant cybersecurity alert, Tenable has announced that their Nessus vulnerability scanner agents were rendered inactive worldwide due to problematic updates, causing headaches for users on multiple continents. As of December 31st, customers have been advised to manually upgrade their software to restore their agents—an inconvenient requirement for many.

Tenable's incident report confirmed that the issue struck "certain users on all sites" across North America, Europe, and Asia, including organizations of all sizes. The company paused plugin updates to avoid exacerbating the problem, which has led to agents being knocked offline after updates to versions 10.8.0 and 10.8.1. In response, Tenable has released a fix: version 10.8.2, which is now available to tackle the shutdown issues.

According to Tenable’s status page, they are planning to resume the plugin feeds by the end of the day, allowing customers to download updates once again. “An identified problem can cause Tenable Nessus Agents 10.8.0 and 10.8.1 to go offline during differential plugin updates,” Tenable outlined. They have systematically disabled updates for these versions to mitigate further complications.

Steps to Bring Your Agents Back Online

Affected users must take immediate action to restore functionality. The only viable paths are either upgrading to the new version 10.8.2 or downgrading to 10.7.3. Additionally, a plugin reset is required to fully recover offline agents, particularly if agent profiles were leveraged during the update process.

"The remediation process entails upgrading to 10.8.2 or reverting to 10.7.3, and for those utilizing agent profiles for these adjustments, a separate plugin reset is essential for the recovery of offline agents,” the company stated. This manual intervention emphasizes that users will need to execute the installation package for the new version and perform necessary resets using provided script commands or the nessuscli reset command.

Historical Context: Learn from the Past!

This isn’t the first time a faulty update has wreaked havoc on cybersecurity systems. In July 2024, a catastrophic incident involving an erroneous CrowdStrike Falcon update led to massive outages that paralyzed numerous organizations, from banks to hospitals, globally. The fallout saw entire fleets of devices crashing with the dreaded blue screen of death (BSOD), illustrating the severe repercussions of flawed updates in an interconnected digital landscape.

As incidents like these highlight vulnerabilities in our cybersecurity frameworks, it serves as a warning to tech users everywhere to stay vigilant and proactive in managing their software updates.

Stay tuned for more updates on this evolving situation and make sure your systems are secure! Will your organization be next?