New: Agent changes for forward compatibility
Version 7.3.9 includes changes to the agent required for forward compatibility with the future 7.4 release, ensuring uninterrupted connectivity.
New: LSASS access blocking alert
In response to more third-party security products blocking LSASS access, Netwrix Threat Prevention 7.3.9 includes a new alert that is triggered when LSASS access is blocked, enabling swift recognition and resolution of the situation. The alert can also be delivered via email.
Enhancement: Certificate Wizard enhancement
The custom certificate option and wizard have been enhanced to improve certificate management and clarity. Now, the FQDN is included in the certificate name field, and the Netwrix component name appears in the alternate name field.
Enhancement: Netwrix Threat Prevention server install path retention
The installer now retains the install path information independently of .msi files. Uninstalling and reinstalling will default to the previously used path, avoiding compatibility issues with existing certificates. This is particularly useful when the previous Enterprise Manager installation was in a custom location.
Enhancement: LAPS attribute filter update
In addition to concealing sensitive ms-Mcs-AdmPwd values, Netwrix Threat Prevention 7.3.9 now hides the new ms-LAPS-Password attribute. Less sensitive attributes (such as ms-LAPS-EncryptedPassword, ms-LAPS-EncryptedPasswordHistory, ms-LAPS-EncryptedDSRMPassword and ms-LAPS-EncryptedDSRMPasswordHistory) are also hidden to enhance security.
(Enterprise Password Enforcer customers) Enhanced HaveIBeenPwned (HIBP) database integration
HIBP content is now hosted on the Netwrix site to streamline acquisition of new password hashes. Weekly delta updates are available, and an intuitive UI in the Netwrix Threat Prevention console enables users to apply updates without downloading the entire dataset again. See the EPE Settings Window topic for additional information.
Deprecation: Legacy IIS-Based Reporting Console Removed
The legacy SI Reporting Console component, which required both IIS and Microsoft Silverlight, has been removed from the installation wizard. Additionally, the Reports tab for Policy and Template configuration has been removed.
Remember, the Netwrix Threat Manager Reporting Module console was released with Threat Prevent v7.3.6 to replace this legacy feature. See the Reporting Module topic for additional information.
Bug Fix List
See the Netwrix Threat Prevention 7.3 - Bug Fix List for a list of bugs fixed in this version.