Release 4.2: AWS | Azure | OCI |Hyper-V | OpenStack | Nutanix | RedHat OpenShift VMware

April 01, 2026

 The operating system for Virtual Scanner cannot be upgraded. You need to replace the scanner image or deploy a new scanner with the latest image, although this may not always be necessary. For details on when scanner replacement is necessary, refer to the Know when scanner replacement is needed section. 

What's New?

This release brings new features and updates to data centers and desktop platforms.

New Features

With this release, we have introduced new features for:

AWS

Supports both UEFI and BIOS boot modes, with UEFI as the default for all instance types that support it.

Azure

  • qVSA-4.2 is Gen 2–based and should be deployed on Azure Generation 2 VMs. A-series instance types are no longer supported. For a list of supported instance types, refer to the Support for Generation 2 VMs on Azure documentation.

  • Boots only in UEFI boot mode.

OCI

Supports both UEFI and BIOS boot modes, and UEFI is the default boot mode for all instance types that support it.

HyperV 

Supports both UEFI and BIOS boot modes. UEFI is the default boot mode.

OpenStack

  • Supports both UEFI and BIOS boot modes.
  • UEFI boot mode is set during Image creation.

Nutanix

Supports both UEFI and BIOS boot modes; select UEFI during Scanner VM deployment.

RedHat OpenShift

Supports both UEFI and BIOS boot modes

Vmware

Supports both UEFI and BIOS boot modes. UEFI is the default boot mode.

Limitations

Currently, we are not supporting SCAP scanning (applies to all platforms).

AWS

  • Secure Boot and vTPM are not yet supported.
  • No support for security type: Confidential VMs.

Azure

  • Secure Boot and vTPM are not yet supported.

  • The Security type Confidential VM is not yet supported due to Azure's OS-level requirements for RedHat/OEL 9.4+. See About Azure confidential VMs.

  • No support for the security feature Integrity Monitoring due to the Azure Agent and its extensions not being allowed to be instantiated or run on our qVSA VM.

  • The new version is Gen2-based; A-series are no longer supported for Gen2; refer to Support for Generation 2 VMs on Azure for supported VM sizes.

OCI

  • No support for Confidential VM.
  • Secure Boot and vTPM are not yet supported.

HyperV

Secure Boot and vTPM are not yet supported.

OpenStack

Secure Boot and vTPM are not yet supported.

Nutanix

Secure Boot and vTPM are not yet supported.

RedHat OpenShift

  • SecureBoot is not yet supported.
  • QEMU guest agent is not included in the qVSA-4.2.16 image.

Vmware

Secure Boot and vTPM are not yet supported.

 

© 2026 Qualys, Inc. All rights reserved. Privacy Policy. Last updated: April, 2026