Tenable Identity Exposure 2026 On-Premises Release Notes
Tip: You can subscribe to receive alerts for Tenable documentation updates.
These release notes are listed in reverse chronological order.
Tenable Identity Exposure 3.77.17 (2026-04-08)
Enhancements
-
A decrease in installation and update times by utilizing backported MSI zip artifacts for core binaries.
Bug Fixes
Tenable Identity Exposure version 3.77.17 contains the following bug fixes:
| Bug Fixes |
|---|
| Eliminates Golden Ticket false positives for authentication requests (4768/4770) originating locally on a Domain Controller via loopback IP. |
| Triggers an automatic re-crawl of Sysvol files if SMB network errors occur, ensuring no critical files are missed. |
| Restores RabbitMQ consumer and producer connectivity automatically following a channel shutdown. |
| Ensures the Sysvol listener reconnects properly by handling Win32Exceptions when a root directory is not found. |
| Supports successful MSI upgrades even when the Application Directory location has changed. |
| Removes orphan WMI listeners during IoA GPO uninstallation to ensure a clean environment. |
| Enables Security Profile customizations by providing necessary infrastructure data during initialization and post-login. |
| Refines the Cleanup_AdvInstServer process to exit gracefully and issue a pipeline warning if a hostname is not found. |
Updated Software Dependencies
| Software Name | Pre-upgrade | Post-upgrade |
|---|---|---|
| Tenable Identity Exposure | 3.77.16 | 3.77.17 |
| C++ 2015-2019 Redistributable | 14.38.33135.0 | 14.38.33135.0 |
| .NET Windows Server Hosting | 8.0.23 | 8.0.25 |
| IIS URL Rewrite Module 2 | 7.2.1993 | 7.2.1993 |
| Application Request Routing 3.0 | 3.0.5311 | 3.0.5311 |
| NodeJS | 20.19.5.0 | 20.20.2.0 |
| Erlang OTP | 26.2.5.16 | 26.2.5.18 |
| Rabbit MQ | 4.0.9 | 4.0.9 |
| SQL Server | 15.0.4455.2 | 15.0.4460.4 |
| OpenSSL | 3.6.1 | 3.6.1 |
| Envoy | 1.29.12 | 1.29.12 |
| Handle | 5.0 | 5.0 |
| Curl | 8.18.0 | 8.19.0 |
Tenable Identity Exposure 3.77.16 (2026-02-03)
New Features
-
Improved Indicator of Attack Filtering: All IoA detected attacks now show a unique Attack ID in a dedicated column in the IoA page.
Enhancements
-
Relay & Ceti monitoring: Added resource monitoring logging for on-premises deployments.
-
KRBTGT-PASSWORD Indicator of Exposure: Updated localization.
-
Attack Path computation: Improved behavior when attack paths could not be computed before timeout.
-
Attack Path edge count: Improved Edge count at startup.
Bug Fixes
Tenable Identity Exposure version 3.77.16 contains the following bug fixes:
| Bug Fixes |
|---|
| IoA events listener persistence: Fixed persistence issue with the IoA events listener registration. |
| IoA certificate persistence: Fixed Tenable certificate persistence issue affecting Indicators of Attack. |
| Query string parsing: Fixed a regression affecting large query string arrays in API requests. |
Updated Software Dependencies
| Software Name | Pre-upgrade | Post-upgrade |
|---|---|---|
| Tenable Identity Exposure | 3.77.15 | 3.77.16 |
| C++ 2015-2019 Redistributable | 14.38.33135.0 | 14.38.33135.0 |
| .NET Windows Server Hosting | 8.0.22.25528 | 8.0.23 |
| IIS URL Rewrite Module 2 | 7.2.1993 | 7.2.1993 |
| Application Request Routing 3.0 | 3.0.5311 | 3.0.5311 |
| NodeJS | 20.19.5.0 | 20.19.5.0 |
| Erlang OTP | 26.2.5.16 | 26.2.5.16 |
| Rabbit MQ | 4.0.9 | 4.0.9 |
| SQL Server | 15.0.4455.2 | 15.0.4455.2 |
| OpenSSL | 3.5.1 | 3.6.1 |
| Envoy | 1.29.12 | 1.29.12 |
| Handle | 5.0 | 5.0 |
| Curl | 8.17.0 | 8.18.0 |