github Windscribe/Desktop-App v2.22.10
on GitHub

latest release: v2.23.4
5 hours ago

Added

  • A 'ports' command to the CLI.
  • Belarusian (Taraškievica) localization. Community contribution by dubovy-achvelak.
  • Support for the new server list v2 API.

Improved

  • Filtering of potentially malicious directives in OpenVPN custom configs to prevent a local privilege escalation.
  • "No P2P" icon to display per-city (datacenter) instead of per-country in the locations list.
  • BFE service status detection on Windows when SCM access is restricted from unelevated processes.
  • WireGuard PersistentKeepalive to use a value of 25 on all platforms.
  • HTTP ping to use IP address rather than hostname.
  • Field validation for custom WireGuard config import.
  • Non-critical scriptlet commands on Linux to be optional to prevent failures when reinstalling or upgrading.

Fixed

  • Application blocked by TLS fingerprinting in Russia.
  • AmneziaWG custom configs with valid H1-H4 ranges rejected by the security validator.
  • Possible local privilege escalation in the helper due to insufficient parameter validation before executing shell commands on macOS and Linux. We thank Johan Wahyudi for responsibly disclosing this issue.
  • IPC frame bounds checking to reject malformed or oversized messages.
  • Security vulnerability in ctrld command argument processing on macOS and Linux.
  • WireGuard custom config IP/CIDR validation to prevent command injection via crafted .conf files on Linux.
  • Command injection in CLI update handler on Linux.
  • Possible local privilege escalation and TOCTOU exploits in the macOS helper and installer.
  • Possible local privilege escalation and TOCTOU exploits in the Linux helper.
  • Potential privilege escalation during app update process on Linux.
  • WireGuard service may start then terminate immediately in a loop after wake from sleep on Windows.
  • Possible app crash when initiating an IKEv2 connection on Windows.
  • Potential deadlock at app start.
  • Factory reset does not fully reset preferences on macOS.
  • Call continuity doesn't work with firewall enabled on macOS.
  • OpenVPN TCP fails to connect when LAN proxy feature is enabled on macOS.
  • Multicast traffic not working on split tunneled apps on macOS.
  • Server sub-menus for the locations list in the OS tray menu should have a delay before being displayed.
  • Protocol indicates "WireGuard" while disconnected and selected location is an OpenVPN custom config.
  • WireGuard key limit dialog overlaps notification banners on app launch.
  • Standard/hashed login text overlaps when language set to Belarusian.
  • wsnet receiving system language rather than user's preferred language.
  • News feed title is clipped and entry height miscalculated when entry is expanded.
  • Location list hover states broken after clicking main window.
  • Third-party custom config may no longer pass tunnel test.
  • Dropdown menus in Preferences scrolling to the wrong position.
  • El Salvador flag icon.
  • App does not consistently connect to the specific server that has the user's pinned IP.
  • Purchased ALC locations cannot be selected.
  • Unnecessary VPN reconnection when switching between WiFi access points on the same network on macOS and Linux.
  • An app crash when on macOS when all app sessions are cleared via the website account page.
  • A potential crash while reinstalling the app on macOS.
  • A crash when interacting with credential fields on macOS.
  • P2P indicators not shown for premium locations.
  • Cannot connect to purchased individual locations because the UI shows them as premium-only.
  • Cannot connect with custom configs requiring credentials.
  • Bridge API session tokens not being cleared during logout and persistent settings cleanup.
  • Potential use-after-free crash when API handles outlive global wsnet teardown.
  • Advanced parameters not parsed after being written on Linux.
  • WireGuard reconnect fails after plan downgrade until app restart.
  • Protocol Tweaks toggle not enabling during fresh install on a Russian network.
  • Location nickname may be corrupted when best location changes.
  • Incorrect knowledge base URL in Help window.
  • Change protocol screen maximizes vertically after moving it.
  • Linux CLI does not log the user out when all active sessions are deleted from the account.
  • DNS manager may misdetect as resolvconf on Ubuntu when it should be NetworkManager.
  • Linux Dockerfile build tool downloads not hash verified.

Updated

  • Qt 6.11.0.
  • cURL 8.18.0.
  • OpenSSL 3.6.1.
  • OpenVPN DCO driver 2.8.2.
  • ctrld to 1.5.0.
Check out latest releases or
releases around Windscribe/Desktop-App v2.22.10

Don't miss a new Desktop-App release

NewReleases is sending notifications on new releases.

Get notifications