RSA, The Security Division of EMC, announces the release of Web Threat Detection 5.0.3. The release includes two fixes. Only the highlights of the release are provided here, for further details, please refer to the Release Notes.
1) Prevents confidential information of Web Threat Detection users from being part of the URL, eliminating the possibility that URLs cached by the browser will contain this confidential information.
2) Disallows the use of all HTTP methods such as TRACE, OPTIONS and CONNECT, not explicitly used by Web Threat Detection and restricts the use of HEAD and DELETE to specific URLs.
The RSA Web Threat Detection platform runs on CentOS 6.x or Red Hat Enterprise Linux 6.x.
Recommendation:RSA recommends that customers upgrade to RSA Web Threat Detection 5.0.3 now available for download.