I got the email for this yesterday. When I went to do the reinstall, it looks like the version of the InsightAppSec engine that downloads from the deploy new engine link is the same version as the one from the last “you must uninstall/reinstall” email in August. The download is R7-insightAppSecEngine-Setup-x64-US3-1.0.47. So was this an accidental email from Rapid7, or did the software link not get updated with a new version to fix the issue in the email below?
Here is the text from the email:
We’re writing to inform you that due to an issue we encountered on 11/06/23 with our build server certificate, you may have experienced a degradation in services provided by the InsightAppSec product, resulting in scans being blocked and engines appearing offline.
We can confirm that we have remediated the issue and successfully updated our engine build; however as a result you will be required to uninstall your existing engine and manually install the new engine.
For customers currently on the 7.4 version of the engine you must upgrade to 7.5 and you will also need to reboot your host machine to access this new version of the engine. Please see the install and reboot guide linked here to assist you with this requirement.
Please schedule this at your earliest convenience as failure to do so will restrict product usage.
We apologize for any inconvenience this may have caused you. Please feel free to reach out to your Customer Success Manager or support if you have any concerns.