Cyber security

Wazuh v4.9.0 – Comprehensive Overview Of Latest Enhancements And Fixes

Its latest enhancements and fixes that fortify cybersecurity measures. This version introduces significant improvements across its Manager and Agent components, boosts performance in vulnerability scanners, and expands its integration capabilities.

Explore the detailed changes and new features that further elevate Wazuh’s robust security framework.

Added

  • The manager now supports alert forwarding to Fluentd. (#17306)
  • Added missing functionality for vulnerability scanner translations. (#23518)
  • Improved performance for vulnerability scanner translations. (#23722)
  • Enhanced vulnerability scanner logging to be more expressive. (#24536)
  • Added the HAProxy helper to manage load balancer configuration and automatically balance agents. (#23513)
  • Added a validation to avoid killing processes from external services. (#23222)
  • Enabled ceritificates validation in the requests to the HAProxy helper using the default CA bundle. (#23996)

Fixed

  • Fixed compilation issue for local installation. (#20505)
  • Fixed malformed JSON error in wazuh-analysisd. (#16666)
  • Fixed a warning when uninstalling the Wazuh manager if the VD feed is missing. (#24375)
  • Ensured vulnerability detection scanner log messages end with a period. (#24393)

Changed

  • Changed error messages about recv() messages from wazuh-db to debug logs. (#20285)
  • Sanitized the integrations directory code. (#21195)

Agent

Added

  • Added debug logging in FIM to detect invalid report change registry values. Thanks to Zafer Balkan (@zbalkan). (#21690)
  • Added Amazon Linux 1 and 2023 support for the installation script. (#21287)
  • Added Journald support in Logcollector. (#23137)
  • Added support for Amazon Security Hub via AWS SQS. (#23203)

Fixed

  • Fixed loading of whodata through timeouts and retries. (#21455)
  • Avoided backup failures during WPK update by adding dependency checking for the tar package. (#21729)
  • Fixed a crash in the agent due to a library incompatibility. (#22210)
  • Fixed an error in the osquery integration on Windows that avoided loading osquery.conf. (#21728)
  • Fixed a crash in the agent’s Rootcheck component when using <ignore>. (#22588)
  • Fixed command wodle to support UTF-8 characters on windows agent. (#19146)
  • Fixed Windows agent to delete wazuh-agent.state file when stopped. (#20425)
  • Fixed Windows Agent 4.8.0 permission errors on Windows 11 after upgrade. (#20727)
  • Fixed alerts are created when syscheck diff DB is full. (#16487)
  • Fixed Wazuh deb uninstallation to remove non-config files. (#2195)
  • Fixed improper Windows agent ACL on non-default installation directory. (#23273)
  • Fixed socket configuration of an agent is displayed. (#17664)
  • Fixed wazuh-modulesd printing child process not found error. (#18494)
  • Fixed issue with an agent starting automatically without reason. (#23848)
  • Fixed GET /syscheck to properly report size for files larger than 2GB. (#17415)
  • Fixed error in packages generation centos 7. (#24412)
  • Fixed Wazuh deb uninstallation to remove non-config files from the installation directory. (#2195)
  • Fixed Azure auditLogs/signIns status parsing (thanks to @jmnis for the contribution). (#22392)
  • Fixed how the S3 object keys with special characters are handled in the Custom Logs Buckets integration. (#22621)

For more information click here.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

SpyAI : Intelligent Malware With Advanced Capabilities

SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…

1 day ago

Proxmark3 : The Ultimate Tool For RFID Security And Analysis

The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…

1 day ago

Awesome Solana Security : Enhancing Program Development

The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…

1 day ago

IngressNightmare-POCs : Understanding The Vulnerability Exploitation Flow

The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…

1 day ago

AdaptixC2 : Enhancing Penetration Testing With Advanced Framework Capabilities

AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…

1 day ago

Bincrypter : Enhancing Linux Binary Security through Runtime Encryption And Obfuscation

Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to…

1 day ago