Zurich Patch 9 Hotfix 1

  • Release version: Zurich
  • Updated May 29, 2026
  • 5 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Zurich Patch 9 Hotfix 1

    The Zurich Patch 9 Hotfix 1, released on May 29, 2026, addresses multiple issues across authentication, code signing, database persistence, instance scanning, platform analytics, related lists, system events, upgrade center, virtual agent, and Word document APIs. This patch is essential for ServiceNow customers running Zurich family releases, especially those using regulated market environments and iOS devices.

    Show full answer Show less

    It is recommended to review ServiceNow upgrade guidelines and the release cycle documentation before applying this patch.

    Key Fixes and Improvements

    • Authentication: Resolves login performance and unresponsiveness issues on iOS 26.2 affecting Now Mobile and Agent apps when connecting to Zurich or later instances.
    • Code Signing Enhancements:
      • Extends code signing validity window from 60 minutes to 4 hours, allowing longer signature validity configurations.
      • Separates code signing operations from the securityadmin role by introducing appropriate role controls, enhancing security and operational management.
      • Enables 'Create Digest' functionality for users with the codesigninguser role without requiring securityadmin privileges, particularly for Flow Designer flows and actions.
    • Database Persistence - Data Access: Fixes text search issues in non-English languages caused by specific property settings.
    • Instance Scan: Addresses scan jobs hanging indefinitely due to asynchronous write failures and counter mismanagement, improving reliability of instance scans.
    • Platform Analytics Dashboard API: Corrects translation overwriting issues on dashboard tabs to preserve translations in multiple languages.
    • Related Lists: Resolves strict ACL checks that prevented users with certain roles from adding records to related lists, improving usability without compromising security.
    • System Events: Implements a thread pool design to ensure subflows with inputs process correctly, eliminating errors during flow execution.
    • Upgrade Center: Fixes Glide version mismatches post-upgrade that caused instances to fail to start, related to the MariaDBI18NSQLFormatter class and a specific system property.
    • Virtual Agent: Mitigates memory pressure issues on 2GB nodes caused by message batching sessions to prevent event processing job failures.
    • Word Document APIs: Enhances support for unzipped font sizes up to 20 MB, doubling the previous limit to accommodate larger files.

    Key Outcomes for ServiceNow Customers

    • Improved login reliability and performance on iOS devices for mobile app users.
    • Enhanced security and operational flexibility in managing code signing with refined role permissions.
    • Better support for multilingual environments with accurate search and dashboard translation handling.
    • Increased stability and reliability of instance scans and upgrade processes, reducing downtime risks.
    • Resolved access control issues improving user productivity when managing related lists.
    • Optimized flow executions and system event handling, preventing errors and ensuring process continuity.
    • Memory usage improvements for Virtual Agent nodes, enhancing performance on lower-memory configurations.
    • Support for larger Word document font sizes, enabling broader document processing capabilities.

    This patch is compatible for upgrade from all prior Zurich Patch 1 through Patch 9 versions, ensuring all included fixes are consolidated.

    The Zurich Patch 9 Hotfix 1 release contains fixes to these problems.

    Build information:
    Build date: 05-21-2026_2126
    Build tag: glide-zurich-07-01-2025__patch9-hotfix1-05-05-2026
    Important:
    For more information about how to upgrade an instance, see ServiceNow upgrades.

    For more information about the release cycle, see the ServiceNow Release Cycle.

    Note:
    This ServiceNow AI Platform® major family release is now available in ServiceNow's Regulated Market environments. For more information about services available in isolated environments, see KB0743854.

    Fixed problem

    Problem Short description Description Steps to reproduce

    Authentication

    PRB1969882

    		 Login screen performance issues on iOS 26.2 RC and in Zurich instances After upgrading to iOS 26.2, users are unable to log in to any instance using the Now Mobile app. The login page is extremely slow or unresponsive, and it can fail to load or accept credentials. The issue affects multiple users and device models. It's reproducible across different instances, and it also impacts the Agent app.
    1. On iOS, navigate to the Now Mobile App.
    2. Connect to a Zurich or later family release instance.

    Observe that the screen loads slowly and is non-responsive.

    Code Signing

    PRB2014768

    		 Increase the code signing validity window maximum from 60 minutes to 4 hours In the 'Scan Signatures' module, the Data source field is incorrectly set to false for records that have valid, successfully created signatures. These signatures return true when validated via a background script. The issue occurs because the effective maximum of com.snc.kmf. signature .validity_window is 60 minutes, which prevents customers from configuring longer validity windows, especially when the consecutive signature generation takes time.
    1. Open an instance.
    2. Navigate to 'Update Set: Test Code Signing Updates'.
    3. Validate that the signature is created for the Data source field.
    4. Select Scan Signature.

    Observe that the signature state for the Data source field still reflects as false.

    Code Signing

    PRB2014831

    		 Scheduled scripts incorrectly appear in 'Update Set Signature States' Currently, users are required to hold the security_admin role to perform code signing operations on update sets. This creates several operational and security challenges. Instead, there should be a separate role that grants the ability to perform code signing operations on update sets and related artifacts within the Code Signing framework. It shouldn't grant access to security policies, ACLs, encryption contexts, or other security administration functions.
    1. Open an instance.
    2. Navigate to 'Update Set: Code Signing Scheduled Jobs'.
    3. Navigate to the tab 'Update Set Signature States'.

    Observe that there's no option to run signing jobs unless elevated to the 'security_admin' role.

    Code Signing

    PRB2014833

    		 Enable digest creation for users with the code signing role For users with the code_signing_user role, the 'Create Digest' functionality should be enabled for Flow Designer flows and actions. The current dependency on the security_admin role should be removed.
    1. Open an instance.
    2. Navigate to 'Update Set: Code Signing Scheduled Jobs'.
    3. Navigate to the tab 'Update Set Signature States'.

    Observe that the user can't generate digest for flows unless they have the 'security_admin' role.

    Database Persistence - Data Access

    PRB2007256

    KB2925734

    		 The text search doesn't return results in non-English languages After downloading language plugins and switching the system language to a non-English language, results aren't returned when the property 'glide.db_query.replace _distinct_with_groupby' is set to 'false.' When the language is set to English, results are returned.

    Refer to the listed KB article for details.

    Instance Scan

    PRB1992382

    KB2901125

    		 Instance scan jobs get stuck in sleep loop for days, which causes the subsequent scans to fail Instance Scan findings are written to the database asynchronously and tracked using a global counter. If any write fails, the counter doesn't decrement properly; it goes up but never comes back down. This causes all future scans to hang indefinitely, waiting for a counter that will never reach zero. There's no timeout or logging to flag this, so scans can get stuck silently.

    Refer to the listed KB article for details.

    Platform Analytics Dashboard API

    PRB2025067

    		 Sys_translated record for par_dashboard_tab is overwritten This can cause translations to be lost.
    1. In English, create a sys_translated record as follows:
      • Label: あいう
      • Table: par_dashboard_tab
      • Element: name
      • Language: ja
      • Value: TabName
    2. Create a PAE Dashboard.
    3. Add a tab with the same name as the sys_translated value (TabName).
    4. Save the dashboard.
    5. Create another dashboard.
    6. Add a tab with the same name as the sys_translated value again.
    7. Save the dashboard.
    8. Switch the language to Japanese.
    9. Return to one of the dashboards.
    10. Rename the tab あいう to さしす.
    11. Check the other dashboard tab.

    Observe that the translation is lost because the sys_translated record is overwritten.

    Related Lists

    PRB2025356

    		 User can't add records in a related list because of strict ACL check and missing ACLs for required roles Users with missing ACLs are not able to add new records in the related list due to a strict ACL check.
    1. Log in as a user with the catalog_admin, delegated_developer, and itil roles.
    2. Navigate to the 'Catalog Task' record page.
    3. Navigate to the Approvers related list.
    4. Select the Edit button.
    5. Add a few members as approvers.
    6. Select Save.

    Notice that no approvers are added in the related list. Required field level ACLs are missing for these roles and there's no way to bypass the strict ACL check.

    System Events

    PRB1939688

    		 Inputs aren't getting processed for subflows with inputs Implement thread pool with the configurations/design. The scope excludes any changes related autoscaling or processing framework (which means it co-exists with the jobs that are already there for flow_engine).
    1. Create a subflow with inputs.
    2. Trigger it.

    Expected behavior: All flows are completed without any errors.

    Actual behavior: A couple flows move to the completed state with an error log for not processing inputs.

    Upgrade Center

    PRB2023239

    KB3015307

    		 Mismatch in Glide version between the Appnode and the Database following the upgrade

    A new code path introduced the MariaDBI18NSQLFormatter class. When the sys_properties record of the 'com.glide.db.session _language_collation_feature' property is set to true, it takes a code path upon upgrade or restart where an instance will not come up. When 'com.glide.db.session _language_collation_feature' is false, the code path exits early and doesn't cause this issue.

    Refer to the listed KB article for details.

    Virtual Agent

    PRB2007255

    		 There's memory pressure on nodes due to high memory for cache 'com.glide.cs.qlue. module.coma. MessageBatchingSession' Users with 2GB nodes may encounter memory issues that can cause the events process jobs to yield.

    Run a heap dump.

    Observe that MacMessageBatchingSession or MessageBatchingSession uses over 50 MB of memory.

    Word Document APIs

    PRB1973625

    		 Support unzipped font size up to 20 MB in Word Doc API The property com.snc.word_doc_api .unzip_word_size_limit_mb supports only up to 10 MB file size. This is an enhancement request to support up to 20 MB.

    Fixes included

    Unless any exceptions are noted, you can safely upgrade to this release version from any of the versions listed below. These prior versions contain PRB fixes that are also included with this release. Be sure to upgrade to the latest listed patch that includes all of the PRB fixes you are interested in.