Version 7.10.6 4/20/2023 Improvements Improved learning for OCX files Automatic learning of OCX files is now occuring and can be changed via options on the Group level.   Version 7.10.5 4/6/2023  Improvements Improved the API Applications download processes   Version 7.10.4 3/30/2023 New Features New options allow users to create granular policies by identifying certain file extensions as executables Improvements Improved the API Applications response times  

Version 6.8 Updated April 29, 2022 Please make sure you test this with your Applications before you roll this out to all of your endpoints. Provides a workaround for vulnerability in Windows that has been responsibly disclosed to Microsoft Fixed an issue some customers occasionally experienced with Veeam software  Version 6.7 Updated February 4, 202 Security Improvements to Tamper Protection Performance Improvement when utilizing group membership Health Service is now installed by the ThreatLocker Service Added the ability to customize computer names upon installation by a script using the Stub Installer Fixed an issue with .

Currently in Open Beta Latest Version: 2.0.0.310  06/06/2023 Bugs and Fixes Resolved an issue with machines failing to upgrade or downgrade versions successfully  Resolved an issue where Tamper Protection was causing machines to freeze  Resolved an issue with install events that do not include all needed information (hashes, certificates, etc.)  Resolved an issue where Learning Mode would be affected by loss of internet connection  Resolved an issue which caused users to wait up to 3 seconds to change a system setting after that setting is initially changed  Resolved an issue in the tray where the 'Don’t Show Again' option was malfunctioning due to how information was stored in the database  Resolved an issue that allowed users to run Sudo commands with Elevation  Resolved an issue related to how installed pkg files associate to policies when the policies contain a *(wildcard) Resolved an issue where some files were reported as executing when Installer.

Note: Reminder to run Learning Mode after installation prior to securing endpoints for the minimum recommendation of 5-7 days.  Latest Version 1.1 Version 1.1 3/22/2023 Known Limitation: Endpoints must be placed into Learning Mode during any updates to software. We are currently in the process of addressing the limitation and should have a solution shortly.  Bugs and Fixes Resolved an issue with process caching resulting in duplicate logging  Improvements Improved baseline scanner detection of executables 

On 5/31/2023, the ThreatLocker portal migrated and is now an Angular Portal found here:http://portal2.threatlocker.com/ Moving forward, new Live Release Notes for both the new portal and the legacy portal will be found here on the Portal Release Notes page and the Beta Portal Release Notes will be viewable on theBetal Portal Release Notes page.  6/6/2023 : Released to portal2.threatlocker.com Bugs and Fixes Resolved an issue with OTC MFA which forced a reset when editing the user's information  Resolved an issue with the link generated and sent when creating a helpdesk ticket  Resolved issues with visibility of historical messages and hidden messages in helpdesk  Some legacy portal links now begin to redirect to the new portal Resolved an issue with the Multiselect feature on the Approvals page, the Unified Audit page, the Application Control page, and the Network Control page Resolved several issues with the UI on the Storage Policies page  Resolved an issue with some storage policy edits not updating  Resolved an issue with some storage policies not deploying 

5/31/2023  The old portal has migrated and is now an Angular Portal  Moving forward, new live release notes will be found on on the Portal Release Notes page and the beta and legacy beta release notes will be viewable here.  6/6/2023 : Released to beta.threatlocker.com  Bugs and Fixes Resolved an issue with OTC MFA which forced a reset when editing the user's information  Resolved an issue with the link generated and sent when creating a helpdesk ticket  Resolved issues with visibility of historical messages and hidden messages in helpdesk  Some legacy portal links now begin to redirect to the new portal Resolved an issue with the Multiselect feature on the Approvals page, the Unified Audit page, the Application Control page, and the Network Control page Resolved several issues with the UI on the Storage Policies page  Resolved an issue with some storage policy edits not updating  Resolved an issue with some storage policies not deploying 

Released to Open Beta on 5/18/2023 Bugs and Fixes Resolved an issue with Tamper Protection not disabling when an Override would be applied Resolved several issues with the tray, including crashing and missing attachments  Resolved an issue with corrupt pk.dat files   Resolved several issues with Network Control, including authorization host timeouts, objects not applying to IPv6, and issues with keywords  Resolved an issue where Tamper Protection would set prior to a successful checkin  Resolved an issue with the ThreatLocker service not honoring DNS changes   Resolved an issue in 7.

Released on Open Beta 04/18/2023 Released Live 04/20/2023 Improvements Improved learning for OCX files Automatic learning of OCX files is now occuring and can be changed via options on the Group level. 

4/6/2023 Improvements Improved the API Applications download processes  

3/30/2023 New Features  New options allow users to create granular policies by identifying certain file extensions as executables Improvements  Improved the API Applications response times

3/24/2023 Improvements Improved logging details when registering a new computer 

3/17/2023 Improvments Added the username in the lookup of cached application policies so that ringfencing policies match by username, if specified

3/14/2023  Bugs and Fixes  Resolved an issue in which Applications with a wildcard in the Created By Process field would show as matching but not follow the policy action.  

We've extended the amount of files recognized by the ThreatLocker service when Windows flags the file as being executed and the process is PowerShell or rundll. This may lead to an increase in logs and denies on your machines. If you're experiencing issues, please reach out to a Cyber Hero for help.  3/14/2023 Known Bug: Identified an issue in which Applications with a wildcard in the Created By Process field would show as matching but not follow the policy action.

2/21/2023 Bugs and Fixes Resolved an issue with process caching resulting in duplicate logging  Improvements Improved baseline scanner detection of executables

We've extended the amount of files recognized by the ThreatLocker service when Windows flags the file as being executed and the process is Window's explorer. This may lead to an increase in logs and denies on your machines. If you're experienceing issues, please reach out to a Cyber Hero for help. Latest Version 7.9.0.1581 Bugs and Fixes Resolved an issue with Tamper Protection that prevented users who didn’t run ThreatLocker service as System from getting the service stuck in Tamper Protection Enabled mode.

Known Issue: Applications May Not be Able to Run as Admin when Updating from Agent Version 7.8.x  New ThreatLocker Proxy Service supported   

Known Issue: Applications May Not be Able to Run as Admin when Updating from Agent Version 7.8.x  Bug and Fixes Resolved an issue where the service could start the baseline process before the apps db was fully downloaded Resolved an issue preventing the installation of new machines while using the ThreatLocker Proxy

Latest version: 7.8.0.1541 Known Bug Proxy is now supported, however new machines will not install with the current build. Fix expected in the 7.8.2 release.  Known Issue: Applications May Not be Able to Run as Admin when Updating from Agent Version 7.8.x Bugs and Fixes Resolved an issue some customers experienced with high CPU spikes when compiling code Resolved an issue affecting some customers using Authorization Hosts in their NAC policies Resolved backup issues with Tamper Protection Resolved an issue with Policies not inheriting status change Resolved Ringfencing issues impacting some customers regarding Application Interaction, Read & Write permissions, and Network Denies Resolved an issue where Driver Registry Keys were not populating upon update from previous version Resolved an issue experienced by a customer regarding 0 byte size executables and DLL files Resolved an issue where the ThreatLocker Service Driver used more memory than expected  Changes the Core download function to prevent increased bandwidth if and processing if the core download fails New Features Added support for future product Added ability to audit outbound traffic to localhost VBS scripts are logged as an executable and blocked by default Improvements Improved log processing to decrease disk usage  Improvements to Tamper Protection Mode General security improvements General performance improvements and fixes Improved Remote Presence storage policies

Known Bugs Known Backup Issues with Tamper Protection on Agent Version 7.7.* | ThreatLocker Help Center (kb.help)  Bugs and Fixes Resolved an issue some customers experienced when upgrading ThreatLocker, relating to the initial core database file being interrupted.

Known Bugs Known Backup Issues with Tamper Protection on Agent Version 7.7.* | ThreatLocker Help Center (kb.help)  Bugs and Fixes Resolved an issue where .Net error was populating when selecting RealTime Action Log from the ThreatLocker Tray 

Known Bugs Known Backup Issues with Tamper Protection on Agent Version 7.7.* | ThreatLocker Help Center (kb.help)  Bugs and Fixes Solved an issue for the tray not starting on non-English operating systems  Improvements Performance improvements on application downloads

Known Bugs Known Backup Issues with Tamper Protection on Agent Version 7.7.* | ThreatLocker Help Center (kb.help)  Bugs and Fixes Resolved an issue some customers experienced involving case differences on certificates during elevation Resolved an issue where Windows was recycling Process IDs Resolved an issue affecting a customer where their Tags.json file became corrupt Resolved an issue affecting a customer where NAC could fail to connect to the authorization host Resolved an issue experienced by a customer involving Application Control via network drives Resolved a blue screen issue related to driver verification and USB drives Resolved an issue where an incorrect override code displayed a success message instead of a failure message New Features

2/9/2023 Bugs and Fixes Removed the Excluded Processes options section from the Computer Groups page  Removed the "Attach a copy of the file with the request" feature from the Request Popup  Solved an issue where some requests would fail to open  Solved an issue where policy versions would not update during automatic downloads  Solved an issue where the MAC agent would not upgrade or downgrade  Solved an issue where maintenance modes were not being stored during reboot  Solved an issue in which the MAC Agent would crash when saving to the database  Solved an issue in which a machine with a maintenance mode set in the future would incorrectly appear as unsecured New Features Added MAC uninstaller  Added "

Bugs and Fixes Resolved an issue where antivirus software could prevent ThreatLocker from getting the correct hash of the file, leading to files being processed incorrectly

Latest Version: 7.6.1.1482/7.6.0.6AMD64  Bugs and Fixes Resolves an issue some customers experienced in 7.6 where certificates rules weren't matching for Elevation  New Features Allows additional verification of unverified certificates due to missing Root CA Certificates on computers by using known validated certificates from ThreatLocker

Latest Version: 7.6.0.1471/7.6.0.6AMD64 IMPORTANT NOTE: Version 7.6 does not currently support the use of the ThreatLocker Proxy Note: It is expected behavior on Upgrade and Deployment for the Agent to check-in to the Portal on 7.6 once, and then delay the next check-in as it prepares its files for use. This will also prevent the Tray from starting/updating until the Service is checking in normally again. Note: It is recommended to update a small group of machines to 7.

8/10/2022 Resolved an issue where excessive caching caused high memory usage.  Resolved an issue some customers experienced with elevation mode not logging as elevated in the Unified Audit Resolved an issue some customers experienced with Ringfencing needing a process restart after the ThreatLocker service was restarted Reduced the number of logs generated by certain processes that scan files but windows identifies their scanning as executes

8/9/2022 Added push notification to inform users when their Approval Requests have been processed  Improvements to the Blocked Items list in the tray Optimization of NAC policy caching including the removal of Source Ports Improvements to NAC  Event log de-duplication  Improvements to tray branding Minor bug fixes and improvements Resolved an issue some customers experienced with customized text displaying incorrectly in the tray popup Resolved an issue some customers experienced with the tray not correctly showing progress in the learning popop progress bar Resolved an issue some customers experienced with the tray crashing when displaying a high number of alerts 

6/28/2022 Added push notifications to inform users when their Approval Requests have been processed Improvements to the Blocked Items list in the tray Optimization of NAC policy caching including the removal of Source Ports Improvements to NAC  Event log de-duplication  Improvements to tray branding Minor bug fixes and improvements Resolved an issue some customers experienced with customized text displaying incorrectly in the tray popup Resolved an issue some customers experienced with the tray not correctly showing progress in the progress bar Resolved an issue some customers experienced with the tray crashing when displaying a high number of alerts

Includes all improvements in 7.2 Performance Improvements

View in Browser 6/28/2022 New Features Added the ability to disable the Elevation request popup to permit 'Elevating Silently' Added paging and Action Type Filtering to the Blocked Items log in the tray Added a new GUID option to NAC location dropdowns to provide a more user-friendly way of adding computers and/or groups to NAC Policies  NAC default setting was changed to 'Monitor Only' status - create a default-deny policy at the computer group level to enable blocking Added Process and Created By Process logging on Elevation logs on machines running Windows 10 and higher Improvements and Fixes Fixed an issue some customers experienced with Ringfencing Audit entries showing the application instead of the process Resolved an issue some customers experienced with Tags not applying to Destination Locations on NAC Policies Performance improvements to Network Access Control Improvements to performance and memory usage   

View In Browser New Features Added the ability to disable the Elevation request popup to permit 'Elevating Silently' Added paging and Action Type Filtering to the Blocked Items log in the tray Added a new GUID option to NAC location dropdowns to provide a more user-friendly way of adding computers and/or groups to NAC Policies  NAC default setting was changed to 'Monitor Only' status Improvements and Fixes Fixed an issue some customers experienced with Ringfencing Audit entries showing the application instead of the process Resolved an issue some customers experienced with Tags not applying to Destination Locations on NAC Policies Performance improvements to Network Access Control Improvements to performance and memory usage  Known Bugs  Elevation is not always showing the Process and Created By Process

Resolves an issue some customers experienced with Ringfencing while .NET files were being learned

Please note: Includes all changes from 7.0. See the associated article here: https://threatlocker.kb.help/threatlocker-version-70-beta-release-notes Improvements to NAC logging Made improvements to processing Active Directory Group Enabled Policies Added learning to the files previously excluded as part of the Windows vulnerability that was worked around in Version 6.8  Resolved an issue some customers experienced when customizing the icon on popup windows it showed the ThreatLocker Icon for a brief moment when loading

Adds support for the new NAC product to the ThreatLocker Portal Fixes an issue in which some customers experienced the fileinformationcache file to be abnormally large Improvements to the handling of Windows Core files  This build is no longer publicly available. Note: This does not support Learning (legacy). If you wish to keep your computers unsecured, you need to switch to Maintenence Mode.

Please make sure you test this with your Applications before you roll this out to all of your endpoints. Provides a workaround for vulnerability in Windows that has been responsibly disclosed to Microsoft   Fixed an issue some customers occasionally experienced with Veeam software