Release date:March, 2026
‎​

Last document update: April 16, 2026

Table of contents

What’s new

Acronis MDR by Acronis TRU

Acronis-delivered MDR service, powered by the Acronis Threat Research Unit (TRU), integrated directly into Acronis Cyber Protect Cloud.

Key benefits

  • Unified MDR experience inside Acronis Cyber Protect Cloud through the new MDR Menu in the Protection tab.
  • Simplified enablement flow to make MDR more accessible.
  • Direct collaboration with Acronis SOC analysts through the new Service Portal.
  • Hands-off security operations with predictable outcomes.
  • Integrated response, recovery, and hardening.

Supported scenarios

  • MSPs expanding their security portfolio without SOC investment.
  • Partners looking for a fully managed, hands-off MDR service.
  • MSPs serving SMB and mid-market customers with limited security maturity.
  • Partners standardizing security operations across regions and tenants.

Licensing

  • Solution-based: Additional service that can be added to Security and RMM or Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Available under Endpoint Detection and Response under Cyber Protection.
  • Two different service levels: Standard and Advanced.

Cyber Frame: Early Access Program

A secure hyperconverged infrastructure (HCI) and IaaS solution for service providers.

Key benefits

  • Deliver IaaS services: VMs, networks, hot and cold storage to your customers on your own terms and on your own infrastructure.
  • Protected by default: built-in backup, DR, security and RMM automatically enabled from day one.
  • No proprietary hypervisor lock-in: built on OpenStack and KVM, giving service providers long-term flexibility and independence.
  • Built together with Virtuozzo: a leader in the hyperconverged infrastructure domain.
  • Multi-tenant and designed for service providers: enables efficient and profitable IaaS delivery.

Supported scenarios

  • Provision and manage virtual machines, virtual networks, and tiered storage services from the Acronis platform.
  • Run multiple tenants on shared infrastructure with logical isolation between customers.
  • Self-service: Enable customers to provision infrastructure resources within defined limits, supporting zero-touch or low-touch service delivery.
  • Automatically provide native backup and DR for workloads, including VM-level backup, restore, failover and failback.
  • Enable advanced threat protection with centralized monitoring and policy enforcement across virtual machines.

Licensing

  • Available in 2 models: partner-hosted (Cyber Frame Local) and Acronis-hosted (Cyber Frame Cloud).

Availability

For additional information on Cyber Frame Cloud service availability per Acronis DC see https://care.acronis.com/s/article/Acronis-Cyber-Frame-regional-availability-in-Acronis-DCs?language=en_US

Per-customer billing report for Acronis partners

Acronis partners can now access monthly billing reports with invoice-ready per customer details, granular usage and expense breakdown, available by default as part of Acronis Cyber Protect Cloud.

Key benefits

  • Granular monthly usage and expense breakdown.
  • Clear billing details to invoice clients and reduce disputes.
  • No activation or setup — easy to use.

Supported scenarios

  • Automated monthly billing for Acronis service usage.
  • Price-list details aligned with partner’s contract.
  • Quick access to customer details and services.
  • Email delivery with Excel and PDF report versions.
  • Scheduled report sending.

Licensing

  • Available with all licenses.

Custom User Roles

User-defined user roles with custom sets of permissions, available by default as part of Acronis Cyber Protect Cloud.

Key benefits

  • Flexibility: Tenants have the ability to define roles matching their needs. No more limited by the available built-in roles.
  • Delegation: MSPs can delegate tasks to less privileged admins without giving full admin rights.
  • Segmentation: MSPs can Separate permissions between different customers.
  • Reusability & efficiency: Custom roles are reusable. They are inherited by child tenants. Child tenant admins can use them as they are or clone and customize them further.
  • Compliance & Audit Requirements: Many frameworks require RBAC (ISO/IEC 27001, NIST Cybersecurity Framework, SOC 2, GDPR).

Supported scenarios

  • Tenant admin one or more custom roles. Each custom roles is configured with required permissions, finally the new custom roles are assigned to the tenant users.
  • Child tenant admins can use custom roles defined by parents tenants directly.
  • Child tenant admins can clone custom roles defined by parents tenants directly, and (reduce/extant) the permissions list to match their needs.

Licensing

  • Available with all licenses.

Backup: Partner protection plans for agent-based protection

Partner and Folder administrators can now create protection plans and apply them to agent-protected machines of one or more customers, providing full control over customer workload protection.

Key benefits

  • Ensures that backup plans with preferred settings are applied consistently across customer environments.

Supported scenarios

  • A partner creates a protection plan and applies it to the protected machines of their customers.

Implementation notes

  • Supported with agent-based protection only.

Licensing

  • Solution-based: Backup and DR, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Standard Protection.

Backup: Change archive password

Partner and Company administrators can now change the passwords for backup archives directly in protection plans, without revoking and recreating them.

Key benefits

  • Quickly address compromised passwords caused by malware or security incidents.
  • Protect against potential actions from disgruntled employees.
  • Comply with company policies that require regular password changes.

Supported scenarios

  • Change the password of a backup archive directly in the protection plan settings.

Implementation notes

  • Supported for agent-based machines only (physical servers, workstations, or VMs with an installed agent).
  • Supported for the v12 (tibx) backup format only.
  • If not all protected machines have at least two successful backups using the new password, changing the password again is not allowed.

Licensing

  • Solution-based: Backup and DR, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Standard Protection.

Backup: Simplified onboarding for Microsoft 365

A streamlined onboarding experience for Microsoft 365 backups minimizes the complexity of initial setup and reduces the time needed to start protecting Microsoft 365 data.

Key benefits

  • Minimizes the onboarding process duration.
  • Removes setup complexity — no training needed.

Supported scenarios

  • Back up the entire Microsoft 365 organization in a few steps.
  • Select specific workloads within the Microsoft 365 organization to protect.
  • Quickly onboard to Acronis Cyber Protect Cloud.

Implementation notes

  • This release supports backing up an entire Microsoft 365 organization and selecting specific workloads. Support for exclusions will be introduced in a future release.

Licensing

  • Solution-based: Backup and DR, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Standard Protection.

Backup: Microsoft 365 Exchange mailbox backups via Graph API

Microsoft is phasing out Exchange Web Services (EWS) in Exchange Online, with early enforcement targeting Frontline and Kiosk licenses, followed gradually by all other licenses until the final, general retirement of the EWS API in 2027.

To ensure continued protection for customers with Frontline licenses, the backup of Microsoft 365 Exchange mailboxes now uses the Microsoft Graph API instead of the deprecated EWS API.

Key benefits

  • Maintains uninterrupted backup coverage as Microsoft deprecates the EWS API for Frontline license users.

Supported scenarios

  • Continue backing up Microsoft Exchange user mailboxes after Microsoft deprecates EWS API for Frontline licenses.

Implementation notes

  • Applies to users with Microsoft 365 Frontline licenses (M365_F1, Microsoft_365_F1, Microsoft_365_F3, Office_365_F3, and SPE_F1).

Licensing

  • Solution-based: Backup and DR, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Standard Protection.

Agent for Windows on ARM

Key benefits

  • Flexibility: More than just backup and recovery for ARM – includes also RMM and antimalware protection for full coverage.
  • Universal: Protect both classic x86 and modern ARM CPU-based workloads in a single console

Supported scenarios

  • Common: Agent for Windows on ARM remote installation to ARM
  • Backup: Disk/file backup and restore for Windows ARM workloads.
  • Security: Antimalware protection, including self-protection.
  • RMM: Remote management, Cyber Scripting

Limitations

  • Windows 11/Server 2025+ supported only
  • RMM: Monitoring, Vulnerability Assessment, Patch Management, HW/SW Inventory, SW deployment are not supported
  • DR in Acronis Cloud: not supported

Licensing

  • Available with all licenses.

Security: Independent offering items for EDR and XDR in service-based licensing

The single XDR offering item that existed previously is now split, so partners can enable EDR and XDR independently per customer tenant. This provides more granular control over security offering items in service-based licensing.

Key benefits

  • Enable EDR and XDR independently per customer tenant.
  • Clearly monitor which customer endpoints have EDR and XDR enabled.

Supported scenarios

  • In Management Portal, under Detection and Response, a partner can select for their customers the EDR and XDR offering items.
  • A PSA integration partner selects Detection and Response EDR and XDR offering items for their customers using the API.

Licensing

  • Solution-based: EDR and XDR are included in the Security and RMM and the Ultimate Protection solutions.
  • Service-based (per-workload, per-gigabyte): Detection and Response offering item under Cyber Protection.

Security: Multi-workload incidents in EDR/XDR

Investigations now span multiple workloads within a single incident, providing end-to-end attack visibility and a consistent incident graph across EDR and XDR.

Key benefits

  • Unified investigations across multiple workloads.
  • Clear per-workload threat and mitigation visibility.
  • Consistent visualization across EDR and XDR with a new Incident Graph.
  • Transferred Incidents model improves clarity when related detections are consolidated.

Supported scenarios

  • Related detections on two different workloads representing a single attack are correlated into one incident.
  • Lateral movement or file spread across workloads is tracked end-to-end.
  • A single-workload incident later correlates into a multi-workload scenario.
  • Large multi-workload cases automatically collapse into manageable graph views.

Implementation notes

  • Detections are correlated across a maximum of two workloads in this release.
  • Original incidents that are merged into a consolidated incident are marked as Transferred for traceability.
  • The Cyber Kill Chain view now supports workload switching and individual states.

Licensing

  • Solution-based: Security and RMM or Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Available under Endpoint Detection and Response under Cyber Protection.

RMM: AI-powered summaries of remote desktop sessions and in-session recommendations

Acronis AI automatically generates comprehensive summaries of remote desktop sessions and provides real-time troubleshooting recommendations during live sessions, reducing resolution time and improving service quality.

Key benefits

  • Time savings and improved efficiency with automatically generated session summaries.
  • Enhanced accountability and knowledge sharing: session summaries and recordings can be shared within the organization for training and audit purposes.
  • Faster issue resolution: AI automatically categorizes sessions by issue type and sets resolution status.
  • Real-time troubleshooting guidance: Acronis AI provides step-by-step recommendations during live remote sessions.
  • Reduced training burden: junior technicians can handle complex issues with AI guidance.

Supported scenarios

  • Automatic generation of remote session summaries with all actions taken, using AI.
  • Review session recordings with timecoded navigation to specific actions for training or audit purposes.
  • Share session summary links when escalating or handing off an issue.
  • Browse remote session insights across managed devices.
  • Get best-practice troubleshooting recommendations via Acronis AI based on previous experience in remote sessions.
  • Get in-session, context-aware support from Acronis AI to address technical questions.

Licensing

  • Solution-based: Security and RMM, Ultimate Protection.
  • Service-based: RMM under Cyber Protection.

Acronis Pricelist API

Pricelist API availability for Cloud Distributors and Acronis partners.

Key benefits

  • Improved efficiency and new unlocked scenarios for marketplace and billing integrations.
  • Transparent pricing: the API provides the actual minimum commitment value, selected pricing tier, list price, applied discounts, and effective price for each SKU.
  • Access to historical changes: the API allows partners to retrieve pricing data for the past 12 months.

Supported scenarios

  • Partners can retrieve their Acronis price list.
  • Distributors can retrieve the effective price list for all their partners.
  • The effective price list supports other Acronis features, such as the Per-Customer Billing Report.

Licensing

  • Available with all licenses.

Acronis AI: Operational visibility across tenants and users

Acronis AI delivers instant operational visibility across tenants and users through natural-language queries, reducing manual effort and accelerating day-to-day partner management.

Key benefits

  • Identify customer tenants still in trial that may require onboarding support or partner attention.
  • Check current service adoption and usage across customer environments.
  • Retrieve key user details across partner and customer tenants, including roles, activation status, contact type, and 2FA enablement status.

Supported scenarios

  • A partner administrator opens an AI chat and asks natural-language questions about tenant or user status.
  • Acronis AI provides status information about tenants and users, including activation status, pricing mode, 2FA enablement, and current usage.

Implementation notes

  • Custom user roles are not included in AI responses in this release. Only standard pre-built user roles per service are supported.

Licensing

  • Available with all licenses.

Acronis AI: Operational visibility across alerts and workloads

Partners can now use natural-language queries in Acronis AI to instantly surface alerts and workload health status across their tenants, without navigating multiple screens.

Key benefits

  • Faster triage and response: instantly surface the most relevant alerts and workload issues.
  • Higher operational efficiency: use natural-language queries instead of searching across views and reports.
  • Proactive service delivery: quickly identify unhealthy or unprotected workloads before they affect customer environments.

Supported scenarios

  • Check the current health status of workloads across the tenants.
  • Review critical alerts in a chat-based tabular view.
  • Identify offline machines or workloads with abnormal status.
  • Detect workloads with no protection policies applied.

Licensing

  • Available with all licenses.

Management Portal: In-product dashboard and onboarding for partners

A new Get Started dashboard gives partners a single place to view trial subscription status, onboarding progress, partner program benefits, and resource usage, helping them become productive faster without relying on manual support or external training.

Key benefits

  • Faster partner activation and higher service adoption through a self-service experience.
  • Reduces onboarding and support effort for partners.

Supported scenarios

  • Follow a built-in onboarding guide with key steps to get started quickly.
  • Access in-product video tutorials for each service.
  • Review subscription status, get licensing overview, and switch from trial to production directly in the product.
  • Understand partner program benefits for trial and production, with direct links to the Partner Program details.
  • Monitor resource usage and quickly add customers and workloads.

Licensing

  • Available with all licenses.

Updated Components

Acronis Cyber Protection agent

The Acronis Cyber Protection agent has the following new versions.

  • Acronis Cyber Protection agent for Windows (v.26.03.42252)
  • Acronis Cyber Protection agent for Mac (v.26.03.42252)
  • Acronis Cyber Protection agent for Linux (v.26.03.42252)

For more information about the release history of the Acronis Cyber Protection agent, see the agent release notes.

Changes in the Acronis Cyber Cloud API

You can find more information and the history of changes in Acronis Cyber Cloud API in the API change log document.

Fixed issues

Security

For information about security issues fixed in this release, please refer to https://security-advisory.acronis.com/UPD-2603-15d3-c1f9.

Acronis Cyber Protect Cloud

Active Protection

  • [AMP-42634] Adobe applications crashed when the Antimalware Protection module was enabled. This issue is now resolved.
  • [AMP-42698] Running a full malware scan caused the machine to become unresponsive or freeze. This issue is now resolved.
  • [KERNEL-19999] On some Windows machines, an alert was displayed stating that real-time protection and scheduled scans were not available because a driver was incompatible or missing. This issue is now resolved.

Common

  • [ABR-418041] When a delete backup operation fails, the error "Can't find backup" is displayed with no additional context. The error message now includes information to help troubleshoot the cause.

Cyber Protection agent

  • [ADP-39196] On some Windows machines, the hardware inventory data was not collected or displayed. This issue is now resolved.
  • [ADP-40673] The automatic updates of Agent for Linux might fail. This issue is now resolved.
  • [ADP-44685] When a backup plan was already running at the time patch management triggered a pre-update backup, the backup plan ran multiple times. This issue is now resolved.
  • [ADP-49219] After patches were installed with the 'Always restart' option, the restart countdown was displayed, but the device did not restart automatically. This issue is now resolved.
  • [PLTFRM-87538] Backups fail with the error "An internal error occurred while connecting to process." This issue is now resolved

Management Portal

  • [PLTFRM-87783] Unable to create Email notification policy and the "500 Internal Server Error" occurs. This issue is fixed now.

Microsoft 365 protection

  • [ABR-410953] When removing a Microsoft 365 subscription failed, the organization became stuck in the 'pausing' state. This issue is now resolved.
  • [ABR-417740] When all email archives were deleted, the archiving storage usage was not updated to zero in the Management Portal. The storage usage is now correctly reported.

Recovery

  • [ABR-418392] The Flavor selector is not visible in the VM restore wizard.
  • [ABR-420078] Browsing Microsoft 365 backups was slow, intermittently showed empty content, or failed with a timeout error. This issue is now resolved.

Hosting control panel integrations

  • [CI-33308] The error "Failed to mount the recovery point" occurs when browsing backups of CloudLinux 7.9 in cPanel Control Panel. This issue is now resolved

Known issues and limitations

Acronis Cyber Protect Cloud

Installation and upgrade

  • [ABR-423782] Agent version 26.03.42183. does not support installation and upgrade on Windows XP. This issue will be fixed in the upcoming hotfix release.

Autodiscovery and remote installation

  • [ADP-39185] Active Directory-based discovery does not operate as exepcted with the default configuration of Windows Server 2025 because it enforces LDAP encryption by default.

Backup

  • [ABR-408680] Proxmox VE: When performing parallel backup operations with 2 or more Linux-based Proxmox VMs, which contain LVMs and XFS file system inside, the backup activities may become unresponsive in some cases.

    • Solution: Reduce the number of parallel VM backups in corresponding protection plan (Backup options -> Scheduling)

  • [ABR-365442] The backup validation completes successfully, but the validation status is incorrect or missing in backup sets with a large number of backups.
  • [ABR-361097] It is possible to create backups with special characters in their names, but such backups are not accessible when saved on a network storage.
    • Solution: Do not use special characters in backup names, even though the application allows you to.
  • [ABR-305920] The backups of System state performed via the Windows Server Backup feature fail with the error message "The process cannot access the file because it is being used by another process."

Bootable media

  • [ABR-358235] WinPE-based media: Unable to browse backup files if the cloud storage location contains corrupted backup archives.

Disaster recovery

  • If the tenant (customer or partner) is disabled or deleted while an Automed Failover is in progress, the operation fails with the error "Please try again later or contact Support" while it should indicate that the tenant is no longer accessible.

Virtualization protection

  • [ABR-383978] No alert about almost reached storage quota is displayed for agentless Microsoft Azure VM backups.
  • [ABR-383972] No alert about exceeded storage quota is displayed for agentless Microsoft Azure VM backups.

For more information on known issues and workarounds, please visit our Knowledge Base.