Skip to content

7.13
Compare
Choose a tag to compare
@Aydinv13 Aydinv13 released this 18 May 16:58
· 8 commits to master since this release
v7.13.0
23be469
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Disclaimer AdGuard for Windows is not an open-source project. We use Github as an open bug tracker for users to see what developers are working on.

As spring arrives, AdGuard for Windows unveils its latest release, complete with numerous new features and improvements.

Experimental Encrypted ClientHello support

Notably, the addition of experimental support for Encrypted ClientHello (ECH) is worth mentioning. This new technology fully encrypts HTTPS connections, concealing server names you are connecting to from ISPs and ensuring complete privacy.

So that you can benefit from it, we’ve added the Use Encrypted ClientHello feature to the Advanced settings section and enabled DNS protection by default for all users.

Note that the Use Encrypted ClientHello feature can only work with the low-level Block ECH setting disabled and DNS protection enabled. The thing is that ECH relies on data obtained through DNS, so in order for AdGuard to receive this data and enable ECH globally for users, DNS filtering is necessary.

For Encrypted ClientHello technology to work, it must be supported on both client and server sides. Today, ECH support is implemented in a limited number of applications. Chrome and Firefox, for example, are in the process of adding it. Here we have no choice but to wait. But thanks to AdGuard, ECH support will automatically work in all apps and browsers on your device.

To check whether ECH is working, you can:

  1. Go to https://crypto.cloudflare.com/cdn-cgi/trace/ and see if it says sni=encrypted.

  1. Go to https://defo.ie/ech-check.php and check if it says SSL_ECH_STATUS: success.

As the Use Encrypted ClientHello feature is experimental, it may also lower your browsing speed a bit. But, we're currently working on solving this issue.

New Advanced settings

We’ve also added 16 more features to the Advanced settings section. A detailed description of each feature can be found in our Knowledge base. Here we’ll only give their names.

All new advanced features can be divided into six groups:

  • Anti DPI options allow to modify packets at a low level during filtering to prevent tracking via deep packet inspection

    • Adjust size of fragmentation of initial TLS packet
    • Add an extra space to the plain HTTP request
    • Plain HTTP request fragment size

  • Keepalive settings allow to configure settings to work with keepalive connections

    • Enable TCP keepalive
    • TCP keepalive interval
    • TCP keepalive timeout

  • Filtering exclusion settings allow to exclude both Wi-Fi networks and particular subnets (specified in the CIDR notation) from DNS filtering

    • Exclude specified IP ranges from filtering
    • IP ranges excluded from filtering
    • Exclude specified Wi-Fi network names (SSID) from DNS filtering

  • DNS-related options allow to fine-tune DNS settings

    • Use fallback DNS upstreams
    • Use HTTP/3 for DNS-over-HTTPS
    • Query DNS upstreams in parallel
    • Always respond to failed DNS queries

  • Certificate security options allow to check certificates of websites and web services

    • Check websites' certificate transparency
    • Enable asynchronous OCSP SSL/TLS certificate revocation checks
  • Enable filtering at system start-up. Now by default, AdGuard for Windows does not filter traffic after OS startup if the option Launch AdGuard at system start-up is disabled. If you want filtering to be performed even if AdGuard is not launched, you should enable this option.

Note that before v7.12 the AdGuard's service started in filtering mode by default (even if the Launch AdGuard at system start-up was disabled). If you were satisfied with the old behavior, enable this option.

What else? Aside from the regular CoreLibs and DnsLibs updates, we’ve updated WFP and TDI drivers and ExtendedCSS. We’ve also allowed to disable the Filter localhost advanced feature. But be aware that disabling this feature will prevent AdGuard Ad Blocker and AdGuard VPN from working simultaneously.

Changelog

Features

  • Added an option to disable DNS filtering on selected Wi-Fi networks #4578

  • Added an option to disable the Filter localhost advanced setting if AdGuard VPN is also enabled #4586

  • Implemented the newest TLD-to-locale mappings from the AdGuard Browser Extension repo #4620

  • SafeVisit was added to the list of filtered applications #4618

  • When the default settings for displaying queries in the Filtering log are changed, the filter icon is highlighted #4406

  • Allowed the Ctrl + E combination to open the advanced filter editor of the currently selected DNS filter #4330

  • AdGuard now backs up UI settings 4404

  • Added an option to operate the dialog boxes using the Enter button #4526

Fixes

  • AdGuard hangs after resuming from hibernation #4565
  • AdGuard does not automatically import CA for Firefox #4595
  • AdGuard's certificate is not deleted from the system certificate store after removing the app #4610
  • After the system starts, the message The app can't reach AdGuard servers appears #4590
  • WCF communication breaks after resuming from hibernation #4551
  • Imperfections in the installer's dark theme #4584
  • The filter editor reopens instead of focusing once the filter editor button is clicked more than once #4619
  • A DNS server or filter cannot be added via the Add to AdGuard button if Parental Control is enabled and a password is set #4272
  • Not possible to exit the advanced DNS filter editor by clicking the Esc button #4329
  • Once the DNS Filter Editor is opened, clicking the down arrow selects not the User rules section, but the filter below it. #4333
  • The up/down arrow keys do not work correctly in the DNS Filter Editor after certain actions #4362
  • When attempting to create a custom filter with an already used name, a notification Error while processing the custom filter appears
    #4437
  • If the filter rule editor is already open, clicking the Edit button in the User rules will bring up a window for editing the previously opened filter #4438
  • With filtering disabled for an app, the browser assistant continues working as if filtering was not disabled #4379
  • Incorrect behavior of the Disable protection for 30 seconds feature after enabling or disabling protection #4535
  • AdGuard doesn't filter the Craving Explorer browser #4544
  • If you exit AdGuard and open its settings from Assistant while the service is running, AdGuard won't open #4556
  • DNS filter rules are not applied after network shutdown #4588
  • NordVPN interferes with the work of AdGuard if AdGuard’s DNS module is enabled #4673
  • Upon exiting AdGuard, the Assistant indicates that AdGuard is not installed or misconfigured #4663
  • Incorrect translation in the updater window #4640
  • Disabling the Enable traffic filtering option does not stop filtering #4657
  • The path modifier does not work on yandex.ru/images #1738
  • The $jsonprune modifier can’t handle jsonp #1717
  • Filtering does not work on websites with dot at the end #1741
  • In some cases filtering doesn’t work on Google-related websites (e.g. youtube.com) #4480
  • AdGuard Browser Assistant doesn't work in Chrome 113 #4693

Important for filter maintainers

Features

  • The jsonprune, badfilter, removeheader and hls applied rules are displayed in the Filtering log #4536
  • Added the $permissions modifier #419
  • Added regexp support for the $domain modifier #1550
  • Added the $url modifier #1551
  • Improved compatibility of the $redirect syntax with uBO #1605
  • Improved functionality of the $jsonprune modifier #1710
  • The $jsonprune modifier handles jsonp #1717

Fixes

  • Cannot add a new user rule via the plus icon or by clicking on an empty line 4519
  • The original rule is added to the Filtering log when the converted uBO-syntax HTML rule ##^script:has-text() is applied #1709
  • uBO HTML filtering conversion doesn’t work properly
    #1708
  • Impossible to enable/disable protection when $generichide and $generichide,badfilter rules are added #1681
  • In some cases the $important modifier does not work #1695
  • $removeparam exceptions do not work #1704
  • A correct rule is marked as invalid #1625
  • The element hiding exception doesn't work if the rule contains ~domain #1673

Versions

CoreLibs

  • Updated CoreLibs to v1.11.88 #4681

DnsLibs

  • Updated DnsLibs to v2.1.35 #4683
  • Added tplinkextender.net to fallback domains #183

ExtendedCSS

  • Updated ExtendedCSS to v2.0.51
  • Changed IAffectedElement – make content optional #163

Scriplets

  • Updated Scriplets to v1.9.1
  • Added a new m3u-prune scriptlet #277
  • Added more possible values in the set-attr scriptlet
    #283
  • Improved adjust-setTimeout and adjust-setInterval scriptlets #262
  • Improved json-prune scriptlet #282
  • Fixed error in prevent-element-src-loading #270
  • Fixed xml-prune-related errors #289
  • Fixed compatibility for the noopcss redirect #299

AdGuard for Windows direct download links:

Release channel

Beta channel

Nightly channel

Assets 3
Loading