Want the full details? Click the link below!

Bug Fixes and Miscellaneous Updates

This release introduces performance enhancements to event processing and investigation workflows, stability improvements and more.

Important notes

• A PostgreSQL update is required. Allow additional time for the data migration process to complete.
• Netwrix Threat Prevention customers are strongly encouraged to update to the latest release for optimal performance.

Performance improvements

• Forged ticket threat detection now processes events significantly faster with optimized algorithms.
• Improved memory management reduces system resource usage during event processing.
• Enhanced caching mechanisms improve overall system responsiveness.
• Event service threading optimizations lower resource consumption under high event volume.
• Database query performance upgrades accelerate investigation loading times.
• Asynchronous logging minimizes the impact on core processing operations.
• Honeytoken threat detection is now disabled by default and can be enabled post-configuration.

Bug fixes

• Investigation save operations now show clear validation messages for missing required fields.
• Activity data displays correctly across multiple time zones.
• Entra ID synchronization completes successfully when handling large volumes of new risky objects (1000+).
• Entra ID verified domain synchronization no longer triggers sequence limit errors.
• User accounts with special characters can now log in successfully.
• Credential profile editor correctly displays credentials for all entries.
• Password spray threat detection properly resets counters for accurate identification.
• Tag details pages handle loading errors with clear error messaging.
• Direct member group information updates correctly during synchronization.
• Event table growth is now properly managed to prevent excessive storage use.
• Domain controller lists exclude removed systems as expected.
• Investigation file path filtering includes both file and folder event types.
• Security descriptor changes appear correctly in event details.
• Abnormal user behavior threat details display accurate interface elements.
• Integration test connections validate properly for new data sources.
• Threat detection logic now better excludes known false positive patterns.
• System dumps generate only when necessary, reducing diagnostic file clutter.
• Event linking maintains correct associations when domain controllers are re-added.
• Computer account tags apply correctly during synchronization.
• Database replication cleanup functions properly during service restarts.
• Sensitive role change detection handles multi-domain environments without warnings.

Need help with this update?

There are many different ways to get help with our products!

What are your thoughts?

We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!