Wireshark 4.2.0 Released – What’s New!

Wireshark is a popular open-source network protocol analyzer that is primarily used by security experts and network administrators for several purposes:-

  • Troubleshooting
  • Analysis
  • Development
  • Education

Its popularity originates from its:-

  • Robust features
  • User-friendly interface
  • Versatility in analyzing network issues
  • Troubleshooting network issues

All these key factors make Wireshark one of the top choices for several organizations in a multitude of sectors. Besides this, recently, Wireshark Foundation launched version 4.2.0, introducing new updates and features.

What’s new in Wireshark 4.2.0?

Under the Wireshark Foundation, the “Wireshark 4.2.0” is the first major Wireshark release, which brings the following new additions and features:-

  • Dark mode support on Windows.
  • A Windows installer for Arm64 has been added.
  • Packet list sorting has been improved.
  • Wireshark and TShark are now better about generating valid UTF-8 output.
  • A new display filter feature for filtering raw bytes has been added.
  • Display filter autocomplete is smarter about not suggesting invalid syntax.
  • Tools › MAC Address Blocks can lookup a MAC address in the IEEE OUI registry.
  • The enterprises, manuf, and services configuration files have been compiled in for improved start-up times.
  • The installation target no longer installs development headers by default.
  • The Wireshark installation is relocatable on Linux.
  • Wireshark can be compiled on Windows using MSYS2.
  • Wireshark can be cross-compiled for Windows using Linux.
  • Tools › Browser (SSL Keylog) can launch your web browser with the SSLKEYLOGFILE environment variable set to the appropriate value.
  • Windows installer file names now have the format Wireshark-<version>-<architecture>.exe.
  • Wireshark now supports the Korean language.
  • RTPDump is the new file format decoding.
Protect Your Storage With SafeGuard

Is Your Storage & Backup Systems Fully Protected? – Watch 40-second Tour of SafeGuard

StorageGuard scans, detects, and fixes security misconfigurations and vulnerabilities across hundreds of storage and backup devices.

Removed features & support

Here below, we have mentioned all the removed features and support:-

  • TShark’s -e option no longer supports displaying column text via the column title.
  • The disabled default script ‘dtd_gen.lua’ has been removed from the installation bundle.
  • The Wi-Fi NAN dissector filter name is now ‘wifi_nan’ instead of ‘nan’.

New Protocol Support

Here below, we have mentioned the new protocol support:-

  • Aruba UBT
  • ASAM Capture Module Protocol (CMP)
  • ATSC Link-Layer Protocol (ALP)
  • DECT DLC protocol layer (DECT-DLC)
  • DECT NWK protocol layer (DECT-NWK)
  • DECT proprietary Mitel OMM/RFP Protocol (also named AaMiDe)
  • Digital Object Identifier Resolution Protocol (DO-IRP)
  • Discard Protocol
  • FiRa UWB Controller Interface (UCI)
  • FiveCo’s Register Access Protocol (5CoRAP)
  • Fortinet FortiGate Cluster Protocol (FGCP)
  • GPS L1 C/A LNAV navigation messages
  • GSM Radio Link Protocol (RLP)
  • H.224
  • High Speed Fahrzeugzugang (HSFZ)
  • Hypertext Transfer Protocol version 3 (HTTP/3)
  • ID3v2
  • IEEE 802.1CB (R-TAG)
  • Iperf3
  • Low Level Signalling (ATSC3 LLS)
  • Management Component Transport Protocol (MCTP)
  • Management Component Transport Protocol – Control Protocol (MCTP CP)
  • Matter home automation protocol
  • Microsoft Delivery Optimization
  • Multi-Drop Bus (MDB)
  • Non-volatile Memory Express – Management Interface (NVMe-MI) over MCTP
  • RDP audio output virtual channel Protocol (rdpsnd)
  • RDP clipboard redirection channel Protocol (cliprdr)
  • RDP Program virtual channel Protocol (RAIL)
  • SAP Enqueue Server (SAPEnqueue)
  • SAP GUI (SAPDiag)
  • SAP HANA SQL Command Network Protocol (SAPHDB)
  • SAP Internet Graphic Server (SAP IGS)
  • SAP Message Server (SAPMS)
  • SAP Network Interface (SAPNI)
  • SAP Router (SAPROUTER)
  • SAP Secure Network Connection (SNC)
  • SBAS L1 Navigation Messages (SBAS L1)
  • SINEC AP1 Protocol (SINEC AP)
  • SMPTE ST2110-20 (Uncompressed Active Video)
  • Train Real-Time Data Protocol (TRDP)
  • UBX protocol of u-blox GNSS receivers (UBX)
  • UDP Tracker Protocol for BitTorrent (BT-Tracker)
  • UWB UCI Protocol
  • Video Protocol 9 (VP9)
  • VMware HeartBeat
  • Windows Delivery Optimization (MS-DO)
  • Z21 LAN Protocol (Z21)
  • Zabbix
  • ZigBee Direct (ZBD) 
  • Zigbee TLV

Updated Protocol Support

Here below, we have mentioned all the updated protocol support:-

  • JSON
  • IPv6
  • XML
  • SIP
  • HTTP
  • CFM

New and Updated Codec support

Adaptive Multi-Rate (AMR), if compiled with opencore-amr is the new and updated codec support.

Major API Changes

Here below, we have mentioned all the major API changes:-

  • Lua function “package.prepend_path” has been removed.
  • Added reassemble_streaming_data_and_call_subdissector() API for easier reassembly of non-TCP high-level protocol streaming data.
  • Some of the API now uses C99 types instead of GLib types.

Moreover, the Linux/Unix vendors offer Wireshark packages via platform-specific package management. If you want, then you can find the third-party packages on Wireshark’s download page.

Patch Manager Plus, the one-stop solution for automated updates of over 850 third-party applications: Try Free Trial.

Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.