ThreatLocker Version 7.6 Release Notes

3 min. readlast update: 09.17.2023

Latest Version:
IMPORTANT NOTE: Version 7.6 does not currently support the use of the ThreatLocker Proxy
Note: It is expected behavior on Upgrade and Deployment for the Agent to check-in to the Portal on 7.6 once, and then delay the next check-in as it prepares its files for use. This will also prevent the Tray from starting/updating until the Service is checking in normally again.
Note: It is recommended to update a small group of machines to 7.6 prior to global deployment due to the significant amount of changes made to this build. Here is how you can update individual machines or specific groups: Updating the ThreatLocker Version on a Single Computer | ThreatLocker Help Center ( | Updating ThreatLocker to the Latest Version | ThreatLocker Help Center ( 
Reminder: Windows Server 2008 needs to be fully patched in order for the ThreatLocker Agent to fully function.

Current Known Bugs

There are currently no known issues with 7.6

Bug Fixes

  • Resolves an issue with DotNET DLL's not being permitted despite being learned
  • Resolves an issue with APC Index Mismatch causing Blue Screens
  • Resolved an issue some customers had with performance when their RMM was calling PowerShell repeatedly
  • Resolved an issue some customers experienced with performance related to DNS queries coming from ThreatLockerService when using a SIEM and sysmon
  • Resolved an issue some customers experienced when opening Batch files
  • Resolved an issue with Windows Apps not prompting for elevation when being run as administrator
  • Resolved an issue some customers experienced when attempting to block the iPhone driver
  • Resolved an issue some customers experienced where the driver failed to restart - Known Issue - Driver Not Restarting on Versions 7.0-7.5 | ThreatLocker Help Center (
  • Resolved an issue where using the "Login as Admin" button from the tray could cause you to be incorrectly logged out of the Portal after completing the request if you had been signed in previously
  • Resolves an issue where if the computer has no internet connection, the Tray would fail to load the request window
  • Resolved an issue some customers experienced with NAC Keywords needing to be added to policies on both the client and server machines in order to function properly 
  • Resolved an issue where some customers saw an increase in CPU if was restricted on their firewall 
  • Resolved an issue some customers had when using NAC and port 8810 was already in use

New Features

  • Block Android as well as iPhones via Application Control
  • Added a popup to inform the user that there is already a request pending for an application they have already requested - this will reduce the number of duplicate requests from the same user
  • Added a right-click on the Tray menu item for Maintenance Mode - This is for a feature currently in Open Beta on the Mobile App
  • Added support for a future feature - support for file size when creating custom rules


  • Improved performance on Network related Tasks in Ringfencing and NAC
  • Improvements to the initial download speed of core files on Deployment
  • Improvements to Core file processing and memory usage
  • Changes to Override Codes - these are now generated automatically per computer, and in addition to enabling Monitor Only, Tamper Protection will also be disabled
  • Improvements to Tamper Protection
  • Improvements to the way ThreatLocker processes applications, reducing RAM usage by the service and driver by 70+ percent
  • Improvements to Bandwidth utilization during policy deployment
  • Performance improvements regarding Checking for Updates 
  • Added extra logic to handle the increased number of executions seen by RMMs and Anti-Viruses
Was this article helpful?