Article: 4.41.0 release (#15376)

Fleet 4.41.0 release article and echelon 1 article.

---------

Co-authored-by: Eric <eashaw@sailsjs.com>

articles/fleet-4.41.0.md

@@ -0,0 +1,77 @@
+# Fleet 4.41.0 | NVD API 2.0, Windows script library.
+
+![Fleet 4.41.0](../website/assets/images/articles/fleet-4.41.0-1600x900@2x.png)
+
+Fleet 4.41.0 is live. Check out the full [changelog](https://github.com/fleetdm/fleet/releases/tag/fleet-v4.40.0) or continue reading to get the highlights.
+For upgrade instructions, see our [upgrade guide](https://fleetdm.com/docs/deploying/upgrading-fleet) in the Fleet docs.
+
+## Highlights
+
+* NVD API 2.0
+* Windows script library
+
+
+### NVD API 2.0
+
+The National Vulnerability Database (NVD) is transitioning to its new 2.0 API, a change that significantly impacts all users of vulnerability management services, including Fleet. Effective December 15th, 2023, the NVD will exclusively support the more advanced, flexible, and user-friendly 2.0 API, rendering previous versions of Fleet incompatible. This update mandates an essential upgrade to Fleet v4.41.0 (or later) to maintain access to the latest vulnerability data and ensure continuous monitoring and security compliance. Dive into the details and prepare for a seamless transition by reading our full article at [Fleet's NVD API 2.0 Update](https://fleetdm.com/announcements/nvd-api-2.0).
+
+
+### Windows script library
+
+Fleet has expanded its script management capabilities by introducing support for Windows scripts in the UI in addition to existing [CLI and API support for script execution](https://fleetdm.com/docs/using-fleet/scripts), enhancing the versatility of its Scripts Library. In addition to macOS, Fleet users can now upload, store, and manage Windows-specific scripts PowerShell `.ps1` script files. This feature enables the execution of scripts directly from the Host Details page for Windows devices, providing a streamlined and efficient process for script management. By extending script support to Windows, Fleet demonstrates a commitment to openness, catering to a broader user base and acknowledging the diverse environments in which its users operate. This update signifies Fleet’s dedication to ownership, empowering users with robust tools to manage their devices effectively across different operating systems. The addition of Windows script support in Fleet enhances its utility as a comprehensive tool for IT administrators, allowing for seamless and flexible script management in mixed-device environments.
+
+## Changes
+
+* **Endpoint operations**:
+  - Enhanced `fleetctl` and API to support PowerShell (.ps1) scripts.
+  - Updated several API endpoints to support `os_settings` filter, including Windows profiles status.
+  - Enabled `after` parameter for improved pagination in various endpoints.
+  - Improved the `fleet/queries/run` endpoint with better error handling.
+  - Increased frequency of metrics reporting from Fleet servers to daily.
+  - Added caching for policy results in MySQL for faster operations.
+
+* **Device management (MDM)**:
+  - Added database tables for Windows profiles support.
+  - Added validation for WSTEP certificate and key pair before enabling Windows MDM.
+
+* **Vulnerability management**:
+  - Fleet now uses NVD API 2.0 for CVE information download.
+  - Added support for JetBrains application vulnerability data.
+  - Tightened software matching to reduce false positives.
+  - Stopped reporting Atom editor packages in software inventory.
+  - Introduced support for Windows PowerShell scripts in the UI.
+  
+* **UI improvements**:
+  - Updated activity feed for better communication around JIT-provisioned user logins.
+  - Query report now displays the host's display name instead of the hostname.
+  - Improved UI components like the manage page's label filter and edit columns modal.
+  - Enabled all sort headers in the UI to be fully clickable.
+  - Removed the creation of OS policies from a host's operating system in the UI.
+  - Ensured correct settings visibility in the Settings > Advanced section.
+
+### Bug fixes
+
+  - Fixed long result cell truncation in live query results and query reports.
+  - Fixed a Redis cluster mode detection issue for RedisLabs hosted instances.
+  - Fixed a false positive vulnerability report for Citrix Workspace.
+  - Fixed an edge case sorting bug related to the `last_restarted` value for hosts.
+  - Fixed an issue with creating .deb installers with different enrollment keys.
+  - Fixed SMTP configuration validation issues for TLS-only servers.
+  - Fixed caching of team MDM configurations to improve performance at scale.
+  - Fixed delete pending issue during orbit.exe installation.
+  - Fixed a bug causing the disk encryption key banner to not display correctly.
+  - Fixed various error code inconsistencies across endpoints.
+  - Fixed filtering hosts with invalid team_id now returns a 400 error.
+  - Fixed false positives in software matching for similar names.
+
+
+## Ready to upgrade?
+
+Visit our [Upgrade guide](https://fleetdm.com/docs/deploying/upgrading-fleet) in the Fleet docs for instructions on updating to Fleet 4.41.0.
+
+<meta name="category" value="releases">
+<meta name="authorFullName" value="JD Strong">
+<meta name="authorGitHubUsername" value="spokanemac">
+<meta name="publishedOn" value="2023-11-28">
+<meta name="articleTitle" value="Fleet 4.41.0 | NVD API 2.0, Windows script library.">
+<meta name="articleImageUrl" value="../website/assets/images/articles/fleet-4.41.0-1600x900@2x.png">

articles/nvd-api-2.0.md

@@ -0,0 +1,70 @@
+![NVD API 2.0: An important update for Fleet users](../website/assets/images/articles/nvd-api-2.0-1600x900@2x.jpg)
+
+In the ever-evolving cybersecurity landscape, staying ahead isn't just an advantage – it's anecessity. That's why the upcoming transition in the National Vulnerability Database (NVD) is more than just news; it's a pivotal change for everyone in the field of vulnerability management. Come December 15th, 2023, NIST will move exclusively to their new [NVD 2.0 API](https://nvd.nist.gov/general/news/api-20-announcements). This advancement marks a step and a giant stride forward, offering a more robust, flexible, and user-friendly way to access crucial vulnerability data.
+
+For users of Fleet, this transition is particularly important. The older versions of Fleet will no longer work with the NVD’s data feed after the transition. To align with these changes and harness the full capabilities of the NVD's API 2.0, an upgrade to Fleet v4.41.0 (or later) is essential. Failing to upgrade means allowing crucial updates on vulnerabilities to slip right past your defenses, a risk no one in our community can afford.
+
+So, what does this mean for you, and why is it crucial to make the shift? Let's delve into the heart of these changes and understand how upgrading to Fleet v4.41.0 will empower your vulnerability management like never before.
+
+
+## Why this matters to you
+
+The NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The transition to API 2.0 is not merely an update—it's a significant shift in how this vital data is accessed and processed.
+
+
+## Key changes in NVD 2.0 API
+
+Updated Data Model: The NVD 2.0 API adopts a new data model (SCAP) that better reflects the evolving nature of vulnerability information. This model is more granular and provides a richer representation of vulnerability details.
+
+Enhanced Search Capabilities: The NVD 2.0 API offers advanced search functionalities, enabling users to filter and retrieve vulnerability data based on various criteria, including CVE IDs, CVSS scores, product names, and publication dates.
+
+Structured Data Representation: The NVD 2.0 API delivers vulnerability data in JSON format, providing a well-defined and consistent structure for consuming and processing the information.
+
+In addition, they have implemented API Versioning, improved developer documentation, and now offer official API client libraries for various programming languages.
+
+
+## Fleet's proactive approach
+
+We are committed to staying ahead of the curve. That's why we're excited to announce that with our
+the release of Fleet v4.41.0, we will fully support the NVD's API 2.0. This
+update will ensure a seamless transition for our users and bring enhanced stability and security
+features that come with the new API.
+
+
+## Your next steps
+
+To continue receiving the latest vulnerability data without interruption, all Fleet users should upgrade to [v4.41.0](/releases/fleet-4.41.0) as soon as it's released. Delaying this update could result in your service no longer receiving new vulnerability updates after the December 15th cutoff.
+
+Keep your defenses up by taking advantage of critical vulnerability updates. Plan your upgrade to Fleet v4.41.0 and continue safeguarding your systems with confidence.
+
+
+## FAQ
+
+
+### What is the NVD Data Feed API 2.0?
+
+The NVD 2.0 API is a modern, structured, real-time API that provides comprehensive access to vulnerability data, enabling developers and security professionals to manage vulnerabilities and protect their systems effectively.
+
+
+### Is there a deadline for upgrading Fleet?
+
+To continue receiving the latest vulnerability data without interruption, all Fleet users should upgrade to v4.41.0 before December 15, 2023.
+
+
+### How can I upgrade to Fleet v4.41.0?
+
+Visit our [Upgrade guide](https://fleetdm.com/docs/deploying/upgrading-fleet) in the Fleet docs for instructions on updating to Fleet 4.41.0.
+
+
+### What happens if I don’t upgrade Fleet by the deadline?
+
+Delaying this update could result in your service no longer receiving new vulnerability updates after the December 15th cutoff.
+
+
+
+<meta name="category" value="announcements">
+<meta name="authorFullName" value="JD Strong">
+<meta name="authorGitHubUsername" value="spokanemac">
+<meta name="publishedOn" value="2023-11-28">
+<meta name="articleTitle" value="NVD API 2.0: An important update for Fleet users">
+<meta name="articleImageUrl" value="../website/assets/images/articles/nvd-api-2.0-1600x900@2x.jpg">