Monthly Release Notes - February 2026
Agari
Suspicious Email Analysis
Version 2026.02
February 2026
New Feature
-
This release incorporates the latest Fortra email security ML and AI detection models into the SEA analysis pipeline.
Enhancements
-
New Malicious Sub-Classification "Response-Recon"
-
This classification identifies early-stage attacker tactics focused on reconnaissance, where the attacker's primary objective is gathering information, not immediately compromising systems or stealing credentials.
-
-
Classification Change fields added for Incidents
-
The new fields will track the original classification of an incident if it changes, along with the time of the change and the type of change made (for example, whether it was a false positive or false negative). This data can be accessed via the Incident Data API.
-
-
Web App Incident Download
-
The maximum number of rows for Incident CSV downloads has increased from 10,000 to 30,000.
-
Fixes
-
Update on email header parsing
-
Special characters will now be retained in the Message ID field.
-
-
Various bug fixes and updates.
Boldon James
Exchange Classifier
Version 3.2.1
February 4, 2026
New Features
- Added support for Exchange Server Subscription Edition (SE).
- The same installer now supports installation on Exchange Server 2019 and Exchange Server SE.
Enhancements
- Confirmed support for Windows Server 2025.
Security Updates
- Updated to latest dependencies to address identified vulnerabilities.
CCSS
QMessage Monitor
Version 9.02
February 5, 2026
Fixes
-
Fixed issue where under certain conditions a minor issue in the timing calculations could affect QMM Events.
-
Fixed issue where under certain conditions a program attached to an Automatic Response, would issue an MCH3601 error message.
-
Fixed issue where the Maintenance client failed when a user tried to save an automated response that had the option [severity] "Less than or equal to" enabled.
-
Fixed issue in Maintenance module where user could not input a Description for Automated Responses.
-
Fixed issue where under certain conditions, when an escalation procedure was called and the message was an unanswered inquiry message, the procedure would not run as expected.
-
Fixed issue where the System Configuration data was not being removed after an install.
QRemote Control
Version 4.13
February 5, 2026
-
Incremental release to match the QMessage Monitor release.
Clearswift
Secure Email Gateway
Version 6.2.1
February 5, 2026
Fixes
-
Updated the Avira Anti-Virus Cloud Lookup component to ensure continued operation after 10 March 2026.
For more information, see this knowledge article in the Fortra Support Portal.
Secure Exchange Gateway
Version 6.2.1
February 5, 2026
Fixes
-
Updated the Avira Anti-Virus Cloud Lookup component to ensure continued operation after 10 March 2026.
For more information, see this knowledge article in the Fortra Support Portal.
Secure ICAP Gateway
Version 6.2.1
February 5, 2026
Fixes
-
Updated the Avira Anti-Virus Cloud Lookup component to ensure continued operation after 10 March 2026.
For more information, see this knowledge article in the Fortra Support Portal.
Secure Web Gateway
Version 6.2.1
February 5, 2026
Fixes
-
Updated the Avira Anti-Virus Cloud Lookup component to ensure continued operation after 10 March 2026.
For more information, see this knowledge article in the Fortra Support Portal.
Digital Guardian
Network DLP Appliance
Version: 13.1.0
February, 2026
New Features
-
The nDLP discovery engine now provides improved scalability and significantly faster scan times in large environments. This update optimizes the discovery process to deliver seamless scalability, enhanced performance, and reduced latency. By default, all new discovery scans now run using the optimized engine.
NOTE: When upgrading to version 13.1, the following behavior changes apply to discovery scans:
The system does not retain statistics for scans created before the upgrade. The user needs to rerun those scans to generate new statistics. Scans that are paused before the upgrade cannot resume after upgrading. Stop all active or paused scans before upgrading.Administrators can revert to the previous scan model if necessary. For full configuration instructions, refer to DigitalGuardian Appliance Administrators Guide v13.1.0 > Discovery Engine Configuration (Version 13.1.0 and Later) available on Fortra Support Portal.
-
This release introduces parallel (co-existing) authentication keys for SharePoint and OneDrive integrations to ensure a smooth, uninterrupted key rotation. The following changes apply:
-
Existing keys will remain active until the transition completes.
-
Current keys are planned to expire in Q2 2026. Support will notify customers in advance of the expiration.
-
Customers do not need to take any action to start using the new keys.
IMPORTANT: To continue using the SharePoint and OneDrive integrations, customers must upgrade to version 13.1 or later before the existing keys expire. -
Fixes
-
Resolved an issue where ICAP requests from some applications could exceed the maximum URL length and fail.
-
Resolved an issue where nDLP Appliance Manager version 13.0 did not list connected agents, even though they were successfully registered and connected.
-
Resolved an issue where the Data Discovery incidents list did not sort correctly by file size when filters were applied.
-
Resolved an issue where the nDLP Appliance incident details view truncated filenames that contained spaces.
-
Resolved an issue where nDLP was unable to extract MIP labels for certain Excel files (Excel 2021+ XML format).
-
Resolved an issue where nDLP Appliance did not detect Microsoft Information Protection (MIP) labels on PDF and PNG files.
-
Resolved an issue where nDLP Data at Rest inventory scans could not complete or update logs correctly when scanning DFS SMB shares.
-
Resolved an issue where the NDLP policy option “Apply this Policy when ALL email recipient matches ANY of the above filters” did not save correctly in the user interface.
Powertech
BoKS Manager
Version 8.1
February 3, 2026
Client c-8.1.0.27
New Features
-
boksinfo now contains information about SELinux domains.
Enhancements
-
Server Agent reports 4-digit version number.
Fixes
-
The Logout message is logged twice for SSH sessions when kslog is enabled.
-
Incorrect error message in cadm when a non-registered host is specified.
-
Added missing tls/ecgroups definition.
-
Missing SELinux process domains in boksinfo.
-
Sudo and Suexec errors need to be more descriptive.
-
Missing fields in dictionary file.
-
bokssetup error with multiple sshd* users in /etc/passwd.
-
BoKS passwd fails with long usernames.
-
ssh(1) command injection via ProxyCommand (CVE-2025-61984).
Security Scan for IBM i
Version 3.5.1
February 12, 2026
Enhancements
-
Changed file name when sending a report scan to show name and company.
Fixes
-
Fixed an issue with the "Send a Security Scan" option not including customer detail.
-
Updated URLs in product to reflect the new power.fortra.com subdomain.
-
There is no longer version a of the product.
-
Java version has been updated to Java 21.
SIEM Agent for IBM i
Version 4.9
February 5, 2026
Enhancements
-
Powertech Antivirus for IBM i is now available as an Event Source.
-
For new installs, we now default to using the delimiter method for *NETWORK outputs with *TCP protocol. The delimiter has been set to the new line character. Users can override the delimiter string in PSASYP, for example, to the null character.
-
A process to export the SIEM Agent configuration from one system and import it into another system has been added to the product with the new commands PSAEXPCFG and PSAIMPCFG.
-
The text of the "Scan exit program action" Event Text was modified to include the path of the file affected by the action. (This Event is issued when a malware scanner such as Powertech Antivirus for IBM i's identifies a file as infected.)
-
Two new commands PSAEXPCFG and PSAIMPCFG have been added to the product and to the Utilities Menu.
-
License related messages are now part of of the SYSMSG Event Source.
-
Updates have been made to the SIEM Agent Installation Guide. Central Admin 2.32 will be included as part of an installation.
-
The "Monitoring Powertech Antivirus with SIEM Agent” help topic in the User Guide has been updated to explain how to use the new *ANTIVIRUS type of event source to monitor Powertech Antivirus.
-
AUDIT Event Source supports changes for 7.6:
-
CP “Change to user profile”: Changes to user profile MFA attributes are reflected in T:CP data.
-
DS “Service Tools User ID and Attribute Changes”: The existing entry type includes new data in a previously reserved area for MFA attribute changes.
-
GR “Generic record”: Introduces a new subtype F, with *USAGEWARN.
-
SV “System values”: Changes to MFA-related system-wide security attributes are reflected, within the existing subtype for security attributes.
-
PW “Password failures”: Authentication failures due to failed TOTP or MFA are recorded in a new subtype G.
-
-
Changes to DDM attributes result in the corresponding SM journal entry having an entry type (subtype) of "M", instead of being grouped with DRDA changes under "D".
Fixes
-
New IBM i 7.5 audit journal subtypes for entries T:M8, T:PS, T:VP were missing and have been added.
-
SIEM Agent jobs with function USR-AUDIT sometimes failed as a result of an MCH3402 error. This has been fixed.
TeamQuest
Automated Analytics
Version 11.3.44
February 5, 2026
Enhancements
-
Upgraded Apache Tomcat to 9.0.112.
-
Added user auditing capabilities to Automated Analytics.
Fixes
-
Fixed missing images in exported PDF.
PostgreSQL
Version 16.11
February 5, 2026
Enhancements
-
Upgraded PostgreSQL to 16.11.
TeamQuest Administration Console
Version 11.4.14
February 5, 2026
Enhancements
-
Updated OpenSSL to v3.4.3.
-
Updated Apache HTTPD to v2.4.66.
TeamQuest Manager
Version 11.4.20
February 5, 2026
Enhancements
-
Validated TeamQuest Manager on Windows Server 2025.
-
Updated Apache HTTPD to v2.4.66.
-
Updated OpenSSL to v3.4.3.
VCM
Version 2.24
February 5, 2026
Enhancements
-
Validated VCM Collector on Windows Server 2025.
-
Upgraded ActiveMQ to 6.1.8.
-
Added user auditing capabilities to VCM.
-
Added authentication to Collector API.
-
Upgraded PostgreSQL to 17.7.
-
Upgraded Apache Spark to 3.5.7.
-
Upgraded Apache Storm to 2.8.3.
Fixes
-
Addressed information disclosure vulnerability using stack trace.
Known Limitations and Unresolved Items from Final Testing
-
Upgrading the Windows Collector will revert the ZookeeperConnectionString back to the default value. Workaround: Add a step to your automated installation to save the current ZookeeperConnectionString and reinstate it after the upgrade of the Collector.
-
The VCM Collector is not currently supported on SLES 15 (v5.3 kernel).
-
Restarting the VCM services while logged in to the VCM UI may result in an “OOPS” error when logging out and back in too quickly. Workaround: Wait a minute or two before logging back in.
-
The Collector button may not be present after a new installation due to a race condition. Workaround: Restarting the services will enable the button. Use /opt/vityl/utils/vcmctl.sh restart to restart the services.
Vityl Monitor
Version 11.4.15
February 5, 2026
Enhancements
-
Validated Vityl Monitor on Windows Server 2025.
-
Upgraded Apache Tomcat to 9.0.112.
Titus
DCS for Windows
Version 6.1.1
February 13, 2026
Fixes
- Resolved issue where the "Force Select On Save" application setting was being ignored during a save operation.
- Resolved issue in Microsoft Outlook where body tags that should have appeared in the footer of each message always appeared at the end of the entire message.
- After selecting parent values in multiple selection fields, there were delays in loading child values. This issue has been resolved.