Wireshark 4.4.1 Released, What’s new!

Wireshark, the world’s leading network protocol analyzer, has just released version 4.4.1, bringing a host of bug fixes and updates to enhance user experience and functionality.

Hosted by the Wireshark Foundation, this tool is indispensable for troubleshooting, analysis, development, and education in network protocol analysis. Here’s a detailed look at what’s new in this release.

Major Bug Fixes

The latest release addresses several critical vulnerabilities and bugs affecting previous versions.

Two significant security vulnerabilities have been resolved: the ITS dissector crash (wnpa-sec-2024-12) and crashes in the AppleTalk and RELOAD Framing dissectors (wnpa-sec-2024-13).

These fixes are crucial for maintaining the software’s stability and security. Additionally, numerous bugs have been squashed to improve overall performance.

For instance, issues with corrupt interface handling during live-capture refreshes (Issue 11176) and incorrect media type registrations (Issue 14729) have been fixed.

Users will also appreciate the resolution of the Extcap toolbar malfunction when new interfaces are added (Issue 19854), as well as various decoding errors and build issues that were previously problematic.

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free

Updated Features

Wireshark 4.4.1 introduces changes to TShark syntax for field dumping, enhancing its usability. The syntax has shifted from the -G fields prefix to the -G fields prefix, allowing users to specify configuration profiles more effectively.

This change is part of Wireshark’s ongoing efforts to streamline user interactions with its command-line tools. Moreover, while this release does not support new protocols, several existing protocols have received updates.

These include enhancements to AppleTalk, BGP, HTTP2, Kerberos, and many others, ensuring that Wireshark remains at the cutting edge of protocol analysis.

Wireshark continues to expand its capture file support with updates in version 4.4.1. Users working with BLF, CLLOG, CommView, ERF, and pcap files will notice improved handling and performance.

Although this release does not introduce new file format decoding support, these updates ensure robust compatibility with existing formats.

Getting Wireshark 4.4.1

The source code and installation packages for Wireshark 4.4.1 are readily available on the official Wireshark website for those eager to explore the new features and improvements.

Most Linux and Unix vendors also supply Wireshark packages, which can be installed or upgraded using platform-specific package management systems.

Wireshark 4.4.1 continues to solidify its position as an essential tool for network professionals worldwide by addressing critical issues and enhancing existing functionalities.

As always, contributions from users and organizations are vital for the ongoing development of this open-source project.

Upgrade Your Cybersecurity Skills With 100+ Premium Cyber Security Courses Online - Enroll Here