Release Date: July 31, 2025

Download & Instal/Upgrade: Download the latest version (9.3.968.19) here (https://www.tenable.com/downloads/tenable-patch-management) 

Changelog: See Tenable Patch Management Release Notes (https://docs.tenable.com/release-notes/Content/patch-management/2025.htm#July-31,-2025-)

Documentation: Tenable Patch Management Documentation (https://docs.tenable.com/integrations/patch-management/Content/welcome.htm)

Hi everyone,

Tenable is pleased to announce the release of Tenable Patch Management 9.3.968.19, featuring major feature upgrades, new database server requirements, quality improvements, critical security, and bug fixes across the platform. Tenable strongly recommends upgrading to 9.3.968.19.

Key Release Highlights

- Cross Platform Installation Enhancements: Cross-platform installers now support runtime parameters, eliminating the need to edit and distribute config files. Use switches similar to the Windows installer. See Tenable Patch Client Installation and Uninstallation (https://docs.tenable.com/integrations/patch-management/Content/client-installation.htm) for guidance.

- New Client Auto-Upgrade Feature: A new auto-upgrade process enables clients to seamlessly upgrade to match the server version (9.3+). See Upgrade Tenable Patch Clients Using Automatic Deployments (https://docs.tenable.com/integrations/patch-management/Content/use-auto-deplpys.htm) for steps.

- Minimum SQL Server Version Requirement Updated: SQL Server 2017 or higher is now required. Recommended: SQL Server 2019+ with compatibility level 150+. See Database Requirements and Configurations (https://docs.tenable.com/integrations/patch-management/Content/db-req-config.htm) for details.

- Resolved SQL Injection Vulnerability: Fixed a SQL injection vulnerability in the login process affecting versions prior to 9.2.XXX, 9.1.XXX, and prior versions. The issue was resolved by implementing parameterized queries. Therefore, Tenable strongly recommends upgrading to 9.3.968.19. See the related Tenable Security Advisory (https://www.tenable.com/security/tns-2025-15)

- Microsoft 365 Patching Support: Native Patching Support for the following versions of Microsoft Office: MS 365, Office 2024 LTS, Office 2024, Office 2021, Office 2019 and 2016 (EOL scheduled for Oct 2025), Visio and Project (starting with version 2021). No more manual packaging! Using the new delta updates, monthly updates now reduced to 30-50MB from 3GB per language, saving up to 95% bandwidth.

- Fix for Missing DLL Causing Dell Driver Installation Failures: Resolves an issue where Dell drivers failed to install and Compliance Status showed "Non-Compliant" on Clients running 9.2.XXX due to a missing DLL. This release restores the required DLL, ensuring proper functionality for new installations going forward. Please note: Upgraded clients from version 9.1 or 9.0 do include this DLL and will not experience the issue.

Server Updates

Improvements:

-Dynamic Logging Config: Automatically reloads logging settings when config file is updated.

-Optimized Bulk Messaging: Default bulk_messaging_batch size reduced from 100 → 25.

-Secure Login Queries: Emails are now securely passed via parameterized queries during login.

Bug Fixes:

-Flexible ACR Input: Now supports both float and integer in ACR field.

-Patch Submission Cleanup: Deletes associated strategy records when patch is removed.

-Device Status Filtering: Device table only displays relevant product installations.

-Workflow Validation: Better validation for runtime expressions in file system operation nodes.

-Deployment Approval Checks: Fixed issue where patches deployed without full approval.

-STRING_AGG Overflow: Crash resolved when string length exceeds 8,000 chars.

-Business Unit & Metadata Health Fixes: Improved accuracy in patch system health and business unit filters.

Client Updates

New Features:

Client Auto-Upgrade UI Support: 

- Manage upgrade settings.

- View current version info.

- Pause or trigger upgrades manually.

Microsoft 365 Auto-Update Logic: 

- Disables auto-updates when WSUS is licensed and wsus.O365 = true.

- Enables proper scan classification for M365 products.

Improvements:

-AngularJS upgraded from 19.1.3 → ^19.2.10

-Auto-Reload Logging Config: Log config changes take effect instantly.

-jemalloc for Linux Clients: Improves memory efficiency.

-Better Filter UI: More readable operators in advanced filters.

Bug Fixes:

-SMTP Email Blocking: Fixed server startup failure due to invalid SMTP config.

-Patch Rescan Delay: Rescan now triggered promptly when patch removed from block list.

-macOS VPN Fix: Resolved connection issue over VPN.

-Compliance State: Now updates when new patches are found.

-UI Menu Fixes: Corrected header icons in User and Patching dashboards.

-Data Provider Editor: Fixed switching errors in the data provider settings.

- Advanced Filter UI: Enforced correct behavior for NOT operator child conditions.

- Folder Search Fix: Resolved parent folder search override in object tables.

Questions?

We’re a ping away! Reach us at connect.tenable.com. 

Thanks to everyone involved in making this release happen! 

– Ahmad Maruf
Product Manager
Tenable Patch Management