Release date:June, 2026
‎​

Last document update: June 22, 2026

Table of contents

What's new

Security: Adding support for more Linux distributions in EDR

Threat detection and response capabilities now cover Ubuntu 24.04, AlmaLinux, and Rocky Linux, enabling partners to extend EDR protection to additional Linux distributions without additional configuration.

Key benefits

  • Broader Linux coverage: Protect more Linux environments with EDR by using the same protection plans and workflows.
  • Unified policy management: Apply consistent EDR policies across all supported Linux distributions from a single console.

Supported scenarios

  • Enable EDR on protection plans applied to Ubuntu 24.04, AlmaLinux, and Rocky Linux workloads.
  • Detect, investigate, and respond to threats on all supported Linux distributions from a single console view.

Licensing

  • Solution-based: Security and RMM, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Detection and Response.

Security: AI Triage for EDR incidents

Partners can now get instant AI-generated analysis of EDR incidents, including executive summaries, MITRE ATT&CK mappings, and prioritized remediation steps - at no extra cost and with no additional configuration required.

Key benefits

  • Included with EDR, zero extra cost: One-click activation, available on demand for all EDR incidents.
  • Instant incident clarity: Executive summary, MITRE ATT&CK mapping, and prioritized recommendations auto-generated for every critical incident.
  • Shareable PDF reports: Professional incident evidence ready to share with end customers in seconds.

Supported scenarios

  • After-hours critical incident: AI Triage delivers findings and remediation steps instantly - no analyst needed on call.
  • Customer communication: Export the AI Triage PDF and share a clear, professional incident report with the affected customer.
  • On-demand for any incident: Request AI Triage on any EDR incident to get a structured threat breakdown before deciding next steps.

Licensing

  • Solution-based: Security and RMM, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Detection and Response.

Security: Add-on for customer-level communication in Acronis MDR

MSPs can now delegate all MDR-related communications with customers to Acronis, enabling direct incident notifications to end customers without MSP involvement.

Key benefits

  • Hands-off MDR for MSPs: Delegate all customer communication to Acronis with a single toggle per tenant.
  • Direct visibility for end customers: Incident notifications and reports go straight to the customer, not through the MSP.
  • Telco self-service: End customers on Telco plans can activate MDR directly without provider involvement.

Supported scenarios

  • An MSP activates the add-on, configures customer contacts, and Acronis handles all incident communication directly.
  • A customer receives security notifications straight from Acronis the moment an incident is detected.
  • A Telco customer opens the console, enables the add-on, and enters their own contacts without involving the Telco provider.

Licensing

  • Solution-based: Security and RMM, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Detection and Response.

Backup: Support for Microsoft Entra ID

Partners can now protect Microsoft Entra ID (formerly Azure AD) organizations, enabling backup, comparison, and granular recovery of identity and access management data.

Key benefits

  • Protect critical identity infrastructure: Back up the Microsoft authentication and access management framework that underpins customer environments.
  • Granular recovery: Recover Entra ID data at any level - organization, object, record, or individual property.
  • Audit log access: Download any object, including audit and sign-in logs, directly from backup.

Supported scenarios

  • Back up a Microsoft Entra ID organization from a customer or unit tenant.
  • Compare Entra ID backup data with live data or another backup to detect configuration drift.
  • Recover Entra ID data at any level: organization, objects, records, or individual properties.
  • Download any object including audit and sign-in logs from backup.

Licensing

  • Solution-based: Backup and DR, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Standard Protection > Microsoft 365 seats.

Backup: Multi-streaming for backup and recovery to cloud storage

Backup and recovery operations to cloud storage now use multiple parallel data streams, significantly reducing the time needed to protect and restore large workloads.

Key benefits

  • Faster backups: Parallel upload streams maximize available bandwidth and reduce backup windows for large workloads.
  • Faster recovery: Parallel download streams accelerate restoration of large datasets from cloud storage.
  • No configuration required: Multistreaming is applied automatically for eligible workloads.

Supported scenarios

  • Large-volume backups to cloud storage complete faster by using parallel data streams.
  • Recovery of large workloads from cloud storage is accelerated with simultaneous download streams.

Licensing

  • Solution-based: Backup and DR, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Standard Protection.

Backup: Validation in Cloud

Partners can validate that backups remain bootable without requiring on-premises hypervisor infrastructure. Validation runs in Acronis datacenters and delivers screenshot-based confirmation by email.

Key benefits

  • Confidence that backups are bootable: Validation confirms the system can start successfully from backup.
  • No on-premises hypervisor required: The validation workload runs on Acronis Cloud infrastructure.
  • Automated reporting: Receive email notifications with screenshots confirming backup validity for each validated workload.

Supported scenarios

  • Create a Cloud Backup Validation plan to validate selected backups of up to 10 workloads over a two-week period without additional charges.
    • Note: If you want to extend the free usage limits, consider Acronis Disaster Recovery service with Automated Test Failover feature.
  • Receive emails with screenshots confirming backup validity for each validated workload.

Implementation notes

  • A maximum of 10 archives can be validated in cloud over a two-week period.
  • Supports Acronis Cloud, including partner-hosted backup storages.

Licensing

  • Solution-based: Backup and DR, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Standard Protection.

Where to find

  • Cyber Protection Console > Management > Validation > Create cloud plan

Backup: Support for agentless backups on VMware Cloud Foundation 9.0

Agentless backup and recovery of virtual machines running on VMware Cloud Foundation (VCF) 9.0 / ESXi 9.0 is now fully supported, extending comprehensive VM protection to the latest VMware infrastructure version.

Key benefits

  • Full VCF 9.0 support: Protect VMs on VCF 9.0 without deploying agents inside guest VMs.
  • Comprehensive VM protection: Covers backup, recovery, replication, conversion, and instant restore.

Supported scenarios

  • Agentless VM backup and recovery on VCF 9.0.
  • Application-aware VM backup.
  • VM replication.
  • Convert to VM.
  • Run as VM (Instant Restore).

Licensing

  • Solution-based: Backup and DR, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Standard Protection.

Where to find

  • Cyber Protection Console > Devices > Add > Broadcom (VMware) ESXi > download/deploy Agent for VMware to ESXi 9.0 hosts

Platform: Acronis AI - AI-driven onboarding for new partners

MSPs can now complete common onboarding tasks, such as creating customer tenants and users, with AI agent assistance directly in the console.

Key benefits

  • Faster MSP onboarding: AI-guided flows help reduce setup friction and enable MSPs to complete key onboarding tasks more quickly.
  • Context-aware assistance: AI responses can take into account tenant information, user data, partner survey data, and the MSP's current location in the console (scope is limited in this release).
  • Multi-domain support: AI can answer questions across multiple product areas within a single session and guide users to the most relevant area when a question is ambiguous.
  • Deep link support: AI responses can now include deep links to essential screens, such as Device details, Alert details, Tenant details, and User details.

Supported scenarios

  • Create a customer tenant with AI guidance: The AI agent guides the MSP through the required inputs and creates the customer tenant.
  • Create a user with AI guidance: The AI agent collects the required user details and creates the user.
  • Ask onboarding questions in context: AI uses available context, such as tenant information, user information, and partner survey data, to tailor responses.
  • Resolve ambiguous questions: When a question is too short or unclear, AI asks clarifying questions to provide a more accurate answer.

Licensing

  • Available with all licenses.

Platform: Cyber Compliance

MSPs can now assess and improve their customers' security posture through a new compliance section in the protection console. Based on CIS Controls v8.1, this feature provides visibility into implemented safeguards, identified gaps, and actionable guidance for improvement. Compliance will be enabled by default for every customer tenant.

Key benefits

  • Compliance scoring: CIS Controls v8.1-based score at customer tenant and device level, reflecting real safeguard implementation.
  • Central compliance visibility: Dedicated section in the console with both MSP and customer views.
  • Actionable safeguards: "How to fix" guidance linking each control requirement to relevant Acronis services.

Supported scenarios

  • View compliance scores for all customers from the central MSP view.
  • Identify safeguard gaps and prioritize remediation actions for specific customers.
  • Use "How to fix" guidance to map control requirements to Acronis services and close gaps.

Licensing

  • Available with all licenses.

Platform: Device sync in Autotask PSA

Acronis tickets created from alerts are now automatically linked to the corresponding device in Autotask PSA, making them visible in the device history and improving technician workflows.

Key benefits

  • Automatic device linking: Acronis alerts converted to tickets are automatically associated with the correct device in Autotask.
  • Device history in PSA: Tickets appear in the device overview screen, giving technicians full context without switching tools.
  • Bidirectional navigation: Each ticket contains a link back to the device in the PSA.

Supported scenarios

  • When a Acronis alert is converted to a ticket in Autotask, it is automatically linked to the correct device.
  • The ticket is visible from the device overview screen in Autotask.
  • The ticket contains a link back to the device in the PSA.

Licensing

  • Available with all licenses.

Workflow Automation: AI Assistant

Partners can now build and manage automation workflows by using natural language, with an AI assistant that creates, edits, and explains workflows based on plain-language descriptions.

Key benefits

  • Build workflows in plain language: Describe automation logic in natural language instead of manual step-by-step configuration.
  • Faster onboarding: Context-aware explanations of triggers, actions, and templates reduce learning time for new users.
  • Built-in quality: Automatic validation and correction suggestions improve workflow reliability.

Supported scenarios

  • Create a workflow by describing automation logic in natural language.
  • Edit a draft workflow by using text commands (add, remove, or modify steps).
  • Get recommended actions based on the selected trigger and ask the assistant to explain any trigger, action, or field.

Licensing

  • Available with all licenses.

Workflow Automation: Advanced trigger customization

Partners can now define input parameters directly on workflow triggers to control exactly when a workflow starts, reducing unnecessary executions and making workflow behavior more predictable.

Key benefits

  • Smarter execution: Specify trigger input parameters to limit when a workflow fires - for example, only for critical alert severity.
  • Reduced noise: Fewer unnecessary workflow executions by filtering at the trigger level rather than inside the workflow logic.
  • More transparent behavior: Workflow execution logic is easier to understand and predict.

Supported scenarios

  • Define trigger input parameters to limit when a workflow starts - for example, only for "critical" alert severity.

Licensing

  • Available with all licenses.

RMM: AI-guided remediations via remote command line

Technicians can now get AI-recommended remediation commands based on alert context or a plain-language description of the issue, with human-in-the-loop approval required before any command is executed remotely.

Key benefits

  • Faster alert resolution: AI suggests relevant remediation commands instantly based on alert context.
  • Less manual effort: Reduces the time technicians spend researching and writing remediation commands.
  • Secure execution: Human-in-the-loop approval is required for all remote command line operations.
  • Consistent remediation at scale: Apply the same AI-recommended approach across all managed devices.

Supported scenarios

  • Get AI-recommended remediation commands based on alert context or a plain-language description of the issue.
  • Review and approve or reject commands before execution (human-in-the-loop).
  • All remote command line execution details are logged to the Audit log.

Licensing

  • Solution-based: Security and RMM, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): RMM.

RMM: Support for Windows on ARM in Vulnerability Assessment and Patch Management

Partners can now scan Windows on ARM devices for OS and third-party application vulnerabilities and deploy patches to ARM-based endpoints by using the same protection plans as x86/x64 devices.

Key benefits

  • Consistent protection across architectures: ARM devices are scanned alongside x86/x64 endpoints with results in a single unified view.
  • Patch deployment for ARM: Deploy Microsoft and third-party patches to ARM-based Windows endpoints.
  • Architecture-aware deployment: A new architecture column in device selection confirms compatibility before deploying patches.

Supported scenarios

  • ARM-based devices are scanned alongside x86/x64 endpoints, with results displayed in a single Vulnerabilities list and Patches list.
  • Use the new architecture column to confirm compatibility before deploying patches to ARM devices.

Licensing

  • Solution-based: Security and RMM, Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): RMM.

RMM: Automatic agent deployment via Active Directory

MSPs can now automatically discover and deploy Acronis agents to all Windows devices in a client's Active Directory domain by connecting once through a guided wizard, with ongoing automatic protection of new devices as they join the domain.

Key benefits

  • Eliminate manual agent deployment: Connect once to a client's AD domain and let the system automatically discover and deploy agents to all Windows devices.
  • Ensure full coverage without ongoing effort: Scheduled AD scans detect every new device that joins the domain automatically.
  • Scale to large environments: Batch deployments handle large fleets with built-in automatic retry logic.
  • Grow protected seats faster: Every domain-joined device becomes a protected endpoint, reducing the time between discovery and protection.

Supported scenarios

  • Set up automatic agent deployment for all domain-joined Windows devices by using a single guided wizard.
  • Receive console notifications for unmanaged devices in domains without an active onboarding plan.
  • Automatically discover and protect new devices as they join a client's Active Directory domain.
  • Recover from failed deployments by using automatic retry and roll-up alerts with one-click re-engagement.

Licensing

  • Available with all licenses.

GenAI Protection: Filtering events and detailed event context

In GenAI Protection > Events log under Protection menu, partners and customers can now search, filter, and investigate GenAI Protection events with richer context, including user details, device information, and the specific content that triggered a detection.

Key benefits

  • Faster investigation: Search and filtering by user, device, event type, timeframe, and risk area help quickly identify relevant events.
  • User-centric visibility: GenAI Protection events now include user details alongside device information, making DLP and prompt injection events easier to attribute.
  • Deeper event context: Open event details to see the specific content behind a detection and confirm whether sensitive or risky material was involved.

Supported scenarios

  • Filter events to identify sensitive data or prompt injection detections and determine which users and devices were involved.
  • Open event details to see the relevant context behind a detection and confirm that sensitive or risky content was involved.
  • Review detailed event context to identify false positives, adjust policy settings, or refine enforcement actions.

Licensing

  • Solution-based: Ultimate Protection.
  • Service-based (per-workload, per-gigabyte): Acronis GenAI Protection > Endpoints.

Updated Components

Acronis Cyber Protection agent

The Acronis Cyber Protection agent has the following new versions.

  • Acronis Cyber Protection agent for Windows (v.26.6.42659)
  • Acronis Cyber Protection agent for Mac (v.26.6.42659)
  • Acronis Cyber Protection agent for Linux (v.26.6.42659)

For more information about the release history of the Acronis Cyber Protection agent, see the agent release notes.

Fixed issues

Security

For information about security issues fixed in this release, see https://security-advisory.acronis.com/updates/UPD-2606-a90c-0163.

Acronis Cyber Protect Cloud

Common

  • [PLTFRM-86125] Backup storage locations with zero usage could not be deleted from the management console, as the system incorrectly reported them as being in use. This issue is now resolved.
  • [PLTFRM-88374] After registering a workload, the Acronis Cyber Protect Monitor displayed an "An internal error has occurred" message. This issue is now resolved.
  • [ADP-49068] Cancelled backup activities were displayed as completed with a warning in the Activities widget, causing the dashboard to show an incorrect warning status even when all backups had succeeded. This issue is now resolved.
  • [ABR-431590] Backup protection plans displayed warning alerts even when all backup operations had completed successfully, because stale alerts were not cleared. This issue is now resolved.

Backup

  • [ARC-1030] The total archive size shown in the management console was larger than the sum of all recovery points, because the size of differential slice base backups was not included in the display. This issue is now resolved.
  • [ABR-417740] When all email archives were deleted, the archiving storage usage was not updated to zero in the Management Portal. The storage usage is now correctly reported.
  • [ABR-428745] Cloud-to-cloud backups did not run on schedule when a protection plan was configured with a cleanup by backup age retention rule. This issue is now resolved.
  • [ABR-429373] The device widget in the management console displayed an outdated last successful backup date that did not reflect recent backup activity. This issue is now resolved.
  • [ABR-393841] When a bootable media agent was offline, the Delete button was not available in the web console, making it impossible to remove the agent. This issue is now resolved.
  • [CI-33957] cPanel database restores failed with the error "restore failed with phase two database restore failed: alter table import tablespace failed: invalid connection". This issue is now resolved.
  • [ABR-423351] Microsoft 365 Mailbox, OneDrive, and SharePoint backup and recovery operations completed with a warning when a transient network error occurred, because the operation stopped retrying after a single failure. This issue is now resolved.
  • [ABR-429957] When browsing deleted immutable backup slices in a cloud archive with immutability enabled, the operation failed with the error "Failed to find the backup". This issue is now resolved.

Cyber Protection agent

  • [KERNEL-19999] On some Windows machines, an alert was displayed stating that real-time protection and scheduled scans were not available because a driver was incompatible or missing. This issue is now resolved.
  • [ABR-429451] After updating the Cyber Protection agent, real-time protection and scheduled scans are not available due to an incompatible or missing driver. This issue is now resolved.
  • [ABR-431096] After updating the Cyber Protection agent from version 25.x, the MySQL Agent did not update automatically and the acronis_mms service failed to start. This issue is now resolved.
  • [PLTFRM-90493] Acronis services crashed during startup on CentOS 6 systems. This issue is now resolved.

Management Portal

  • [ADP-53017] When cloning an executive report and changing the customer, the recipient lookup displayed contacts from the original customer instead of the newly selected one. This issue is now resolved.
  • [ADP-53272] When editing an existing daily report schedule, changing the selected day did not enable the Save button, making it impossible to save the changes. This issue is now resolved.

Disaster Recovery

  • [DRAAS-51255] The VPN server used for disaster recovery contained outdated versions of OpenSSH and Dnsmasq with known vulnerabilities. These components have been updated to versions without known vulnerabilities. This issue is now resolved.

Known issues and limitations

Acronis Cyber Protect Cloud

Autodiscovery and remote installation

  • [ADP-39185] Active Directory-based discovery does not operate as expected with the default configuration of Windows Server 2025 because it enforces LDAP encryption by default.

Backup

  • [ABR-408680] Proxmox VE: When performing parallel backup operations with 2 or more Linux-based Proxmox VMs, which contain LVMs and XFS file system inside, the backup activities may become unresponsive in some cases.

    • Solution: Reduce the number of parallel VM backups in corresponding protection plan (Backup options -> Scheduling)

  • [ABR-365442] The backup validation completes successfully, but the validation status is incorrect or missing in backup sets with a large number of backups.
  • [ABR-361097] It is possible to create backups with special characters in their names, but such backups are not accessible when saved on a network storage.
    • Solution: Do not use special characters in backup names, even though the application allows you to.
  • [ABR-305920] The backups of System state performed via the Windows Server Backup feature fail with the error message "The process cannot access the file because it is being used by another process."

Bootable media

  • [ABR-358235] WinPE-based media: Unable to browse backup files if the cloud storage location contains corrupted backup archives.
  • [ABR-431185] Linux bootable media is registered successfully via a token, but does not appear in the Bootable Media section.

Cyber Protection agent

  • [ABR-371912] The Acronis SnapAPI module may require separate compilation after installation on Rocky Linux or Oracle Linux 8.7 distributions.
    • Solution: Compile the SnapAPI module manually after installing the Agent for Linux on a workload that runs on a Rocky Linux or Oracle Linux 8.7 distribution.

Disaster recovery

  • If the tenant (customer or partner) is disabled or deleted while an Automated Failover is in progress, the operation fails with the error "Please try again later or contact Support" while it should indicate that the tenant is no longer accessible.

Recovery

  • [ABR-371521] When browsing backup archives, the sorting of files by last change date does not work correctly.

Virtualization protection

  • [ABR-383978] No alert about almost reached storage quota is displayed for agentless Microsoft Azure VM backups.
  • [ABR-383972] No alert about exceeded storage quota is displayed for agentless Microsoft Azure VM backups.

For more information on known issues and workarounds, please visit our Knowledge Base.