Netwrix is pleased to announce the general availability of Netwrix Privilege Secure May ‘25 Release .
Due to a critical issue, this software release is not available for download. Version 4.2 Hotfix 8 is still available for download from your My Products page. We apologize for any inconvenience and are working to resolve the issue promptly. We will reply to this topic when it is available again. To be notified, scroll to the bottom and change your notification level from
Normal to Subscribed.
Want to be notified of future product updates?
Are you subscribed to this category? If not, or if you're not sure, expand me to see how!
Heads Up: Netwrix Privilege Secure Version Numbering Has Changed!
We’re excited to announce a new release—now using our brand new version numbering! Instead of 4.x, you’ll see versions like v25.06.
Curious why? Check out our version numbering change announcement»
Netwrix Privilege Secure May ‘25 Release is Now Live!
The documentation for Privilege Secure May ‘25 release is in progress and will be available at a later date. Please see the following ‘What’s New’ section for new features, bug fix lists, and other information about this release.
What’s New
Features
Role Management for Credentials
You can now delegate access to the Credentials Dashboard, allowing control over specific features and credential scopes for users.
Role Management for Recordings
Delegate access to watch session recordings, with fine-grained access control through combinations of users and resources.
Files in Secret Vaults
Files can now be stored in secret vaults. Access is controlled via Credential-Based Access Policies, and users can download files through a new File Release Activity.
Secret Vault Comments Field
Both credentials and files in secret vaults now support comments, enabling additional context and documentation.
Enable/Disable Keystrokes via Connection Profile
Keystroke and metadata collection can now be turned off for specific sessions via connection profiles. Note that video recording will still occur even if keystroke logging is disabled.
Quick Add for User Search in Access Policy
This quality-of-life enhancement allows users to be added directly from the search field in the Users tab of an Access Policy.
License Count in Users and Groups View
The Users and Groups page now displays the active license count in the top right corner. Additionally, a new column shows license usage for each user account and group membership.
Enforce Notes and Ticket Number via Browser Extension
If a connection profile is configured to require mandatory notes and/or a ticket number, the browser extension will now prompt users to provide the required information.
Account Keep Enabled for Credential-based Policies
Prevents accounts from being disabled after a credential release generated by a credential-based access policy. Please note: This does not affect Activities. That change will come in a future release.
Other Changes
- Renamed the “Rotate Service Account” button to “Service Account Details”
- Renamed the “Schedule Rotation” button to “Rotate”
- Added support for Domain Account logins to MS SQLServer
- Improved performance of Access Policies Users page load
- Added support for MS SQLServer Always-On in the DbConfig tool
Key Bug Fixes in This Release
This list includes the most significant fixes in this release; numerous minor bugs have also been addressed.
| ID | Decription |
|---|---|
| 390126 | Managed Account check-in workflows did not always function as expected |
| 388185 | Unassigned access policies could display on the Resource Selection > Session Wizard |
| 387363 | Activities that add to Domain Admins group could fail for subdomains |
| 386979 | Removed a cipher typo in sbpam_sshclient.json |
| 386260 | Hosts added through Active Directory could have DNS name falsely replaced if a scanned failed |
| 386065 | “OS Not Defined” errors could unexpectedly cause host protection and disable RDP to fail |
| 385401 | New Connection Profiles could unexpectedly display under Activity Token Complexity Policy |
| 383678 | Unsupported PostgreSQL regions could cause upgrade failures |
| 381832 | RDS sessions to macOS using RealVNC could fail |
| 374434 | Domains could unexpectedly display under Session Wizard Resource Selection |
| 374220 | API endpoint for looking up Approval by Approval ID did not always function as expected |
| 369763 | Failed password changes now throw better errors in logging |
| 369006 | Custom roles could expose unassigned credentials to users |
| 367236 | Historical page did not load in certain circumstances |
| 363171 | Improved logging for nltest |
| 361054 | Resolved issues with Cisco Model 3850 host scans |
| 360092 | Website sessions could remain live when a session is ended |
| 359030 | Access Policy - user name of a managed account would not always update after AD Sync |
| 356428 | actionserviceWorker could cause a memory leak |
| 347476 | Entra ID verify/rotate password would not function in certain scenarios |
| 346692 | Incorrect values could be used for %Resource% in a proxy’s macro |
| 346446 | User Profile cleanup did not always behave as expected for Domain Accounts |
| 345708 | Renaming a website resource could potentially not update the Credentials tab |
| 345389 | The WebService could process recordings on nodes where the recording does not exist |
| 345316 | Incorrect values could display in the Last Login Column for Role Management |
| 345256 | Webm recordings could potentially get discovered by the wrong proxy in a multi-proxy environment |
| 344086 | Entra ID - With both the create account and delete after use checkboxes selected, the same user could not always be created twice |
| 343827 | Dashboard’s “Users” card could cause a memory leak when getting especially large |
| 340747 | Managed User login status did not always update when a user logged-in |
| 319593 | Setting a daily platform host scan schedule could result in an incorrect time |
| 306265 | AD Sync would not always update “Member” tab for Group under Users and Groups as expected when a user was removed |
| 304973 | Timeouts could occur when calling PowerShell function Get-SbPAMAdUser |
| 303774 | Custom roles did not always display on the User Roles tab |
| 295700 | Certain aspects of Resource Groups were not working as expected |
| 198027 | Confirmation pop-up did not display group names when removing one or more groups from Collections |
| 138219 | Local accounts for a removed credential could still display in Credentials |
| 87195 | Adding a user group inside of another user group did not always display as expected |
Plan your upgrade
Netwrix Privilege Secure 4.1 will reach its end of support life on November 30, 2025. To learn more, please read the Netwrix End-of-Support Policy.
Need help with this update?
There are many different ways to get help with our products!
| Situation | Action |
|---|---|
| If you feel the product is broken and not working as intended… | Contact Support |
| If you have a question you’d like to ask other experts… | Create a discussion in the community: Privilege Secure > Discussions & Questions |
| If you have a feature request… | Let our product team know directly: Privilege Secure > Ideas |
| If you have something cool to show… | Show everyone what you built: Privilege Secure > Show & Tell |
What are your thoughts?
We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!
