Wireshark 4.6.4 Fixes Critical Security Vulnerabilities and Boosts Stability

Wireshark 4.6.4 fixes three security vulnerabilities that could crash the network analyzer. Malformed packets in USB HID, NTS-KE, and RF4CE dissectors triggered memory exhaustion or crashes. Network admins and security teams should update now to block denial-of-service risks.

These flaws let attackers disrupt analysis sessions remotely. Wireshark handles massive packet captures daily. A single bad packet could halt investigations. The update patches dissectors that decode USB devices, Network Time Security, and consumer electronics radio traffic.

Beyond security, Wireshark 4.6.4 tackles performance bugs. Expert Info ran slow on large files before. TShark crashed on BLF output. Download from the official site immediately.

Fixed Vulnerabilities

Each flaw targets protocol dissectors. They process raw network data into readable formats.

Key Stability Fixes

Performance gains help large-scale analysis:

• Expert Info scales linearly now.
• TShark and editcap handle BLF output.
• Fixed PCAPNG Darwin option blocks.
• TDS protocol sync issues resolved.
• Art-Net PollReply RDM decoding works.
• Zigbee fuzzing crash eliminated.

Updated protocols include Art-Net, BGP, IEEE 802.11, IPv6, MySQL, NAS-5GS, and Socks. BLF and pcapng file support improved.

Update Benefits

Security analysts avoid DoS during incident response. Developers test protocols safely. Network teams capture without crashes.

Large captures run smooth. No more quadratic slowdowns. Fuzzing stays reliable for vulnerability research.

Installation Steps

Update Wireshark quickly:

• Visit wireshark.org/download.
• Select your platform installer.
• Run as administrator.
• Verify version shows 4.6.4.
• Test with sample captures.

Backup custom profiles first. Restart analysis tools after update.

FAQ