ThreatLocker Version 7.9 Release Notes

2 min. readlast update: 09.17.2023
We've extended the amount of files recognized by the ThreatLocker service when Windows flags the file as being executed and the process is Window's explorer. This may lead to an increase in logs and denies on your machines. If you're experienceing issues, please reach out to a Cyber Hero for help.
Latest Version

Bugs and Fixes

  • Resolved an issue with Tamper Protection that prevented users who didn’t run ThreatLocker service as System from getting the service stuck in Tamper Protection Enabled mode. Please note this is against recommendations. The ThreatLocker service is required to run as System.  
  • Resolved an issue where a client had “Task Manager” blocked by ThreatLocker due to unpermitted communication between the user’s server and ThreatLocker 
  • Resolved an issue with CPU spikes related to multi-wildcard use in custom rules and processing files 
  • Resolved an issue with CPU usage where certain processes were generating excessive installs of files that did not have a hash value 
  • Resolved an issue with NULL or “0” hash values. Drivers will no longer process these values and execution values less than 16 bytes will not process. 
  • Resolved an issue in which some MSI files that were trying to elevate were missing information  
  • Resolved an issue where the existing approval request process was not suggesting custom rules appropriately and instead lead to a Service Connection error message 
  • Resolved an issue where a modified active custom rule would not take affect until the service was restarted 
  • Resolved an issue with the tray notifications timing out 
  • Resolved an issue with “[]” not matching and permitting in the Custom Rules process 
  • Resolved an issue stopping the Apps database from downloading new content, including while on Proxy
  • Resolved an issue in which override codes were not set to 'used'
  • Resolved an issue where some ocx files were not being detected during execution

New Features

  • Added a feature to the Proxy option that will intercept all local traffic prior to other products accessing the data 
  • Added a debug feature to help users troubleshoot network caching issues  


  • Improved Network Processing and Performance monitoring to resolve Network Cache issue  
  • Improved Tamper Protection
  • Improved API calls to multiple locations 
  • Improved performance monitoring details 
  • Improved network processing
  • Improved the process of tracking every instance and logging file versions
  • Improved the access options around registry keys for Windows files   
  • Improved an issue in a previous release pertaining to custom rules that contain both hash and path


Was this article helpful?