The popular network protocol analyzer continues to fine-tune its latest stable release, adding no new protocols but optimizing existing support and fixing annoying bugs and vulnerabilities.
The Wireshark Foundation has announced the release of Wireshark 4.4.8, the eighth maintenance update in the stable 4.4 series. This new version, available for Linux, macOS, and Windows, does not introduce new protocols but improves support for many existing ones and fixes multiple issues affecting stability, performance, and user experience.
Updated support for multiple protocols
Among the protocols receiving enhancements in this release are ASTERIX, DLT, DNP 3.0, DOF, DTLS, ETSI CAT, Gryphon, IPsec, ISObus VT, KRB5, MBIM, RTCP, SLL, STCSIG, TETRA, UDS, and URL Encoded Form Data. These updates improve traffic analysis capabilities in complex networks and industrial environments.
Critical fixes and reinforced stability
Wireshark 4.4.8 addresses several user- and contributor-reported issues:
- Fixes an issue with DTLS renegotiated sessions that weren’t being decrypted correctly.
- Resolves a bug in packet diagrams where representations duplicated when the field type was FT_NONE.
- Corrects a total application hang during initialization on systems with Android emulators, caused by a blocked recv() call.
- Addresses UTF-8 encoding errors and adjusts the interpretation of non-standard fields.
- Fixes a bug in the UDS dissector with responses from the ReadDataByPeriodicIdentifier service.
- Resolves an issue with DNP3 timestamps after the year 2038 limit.
Previous cumulative improvements
Since version 4.4.0, Wireshark has introduced numerous enhancements:
- Compatibility with DirectStorage, improved display filters, extended support for automatic profiles, and updates to multiple dissectors.
- Security fixes such as wnpa-sec-2025-01 and wnpa-sec-2025-02, preventing crashes or memory leaks when analyzing protocols like Bundle Protocol, CBOR, or CIGI.
- Enhanced support for protocols including QUIC, BGP EVPN, MQTT-SN, and Bluetooth L2CAP, among others.
Additionally, the filtering system, custom columns, and performance in live capture environments with large traffic volumes have been improved.
Availability
Wireshark 4.4.8 is now available for download from the official website (wireshark.org) in tarball format or as a Flatpak package via Flathub. Linux distributions with rolling release models, like Arch Linux and openSUSE Tumbleweed, typically update quickly.
Conclusion
With this release, Wireshark strengthens its position as a vital tool for network professionals, cybersecurity researchers, and system administrators. While no new protocols are introduced, the emphasis on stability, compatibility, and bug fixes ensures a more robust and secure user experience.
The next major milestone may be in Wireshark 4.6, potentially featuring new dissectors, cloud environment functions, or enhanced integration with threat intelligence tools. Meanwhile, the community appreciates this ongoing maintenance work that keeps the project at the forefront of network traffic analysis.