From 8fdc0fe42723025f27ee8e286bc2587e61d6e033 Mon Sep 17 00:00:00 2001 From: EinLamYe Date: Tue, 30 Jun 2026 06:43:48 +0000 Subject: [PATCH] Update Sysmon changelog through latest release --- chapters/sysmon-changelog.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/chapters/sysmon-changelog.md b/chapters/sysmon-changelog.md index a6915bf..786e730 100644 --- a/chapters/sysmon-changelog.md +++ b/chapters/sysmon-changelog.md @@ -2,6 +2,10 @@ | Version | Schema | Features | Release | |---------|--------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------| +| 15.15 | 4.90 | * Fixes a hang that occurs when memory is constrained.
* Improves FsFilter performance.
* Fixes two rare crashes related to FileBlockShredding and PipeEvent. | July 23, 2024 | +| 15.0 | 4.90 | * Sysmon service now runs as a Protected Process Light (PPL), hardening it against tampering.
* Added FileExecutableDetected (EventID 29) to log creation of new executable (PE) files without blocking.
* Fixed a system hang from a network/file-system event interaction. | June 27, 2023 | +| 14.1 | 4.83 | * Added FileBlockShredding (EventID 28) to detect and block file shredding/wiping by tools such as Sysinternals SDelete. | October 8, 2022 | +| 14.0 | 4.82 | * Added FileBlockExecutable (EventID 27) - the first Sysmon event that blocks an action on rule match, blocking creation of executable (PE) files. | August 2022 | | 13.01 | 4.50 | * Fixed regression bug where several event types where not logged. | January 13, 2021 | | 13.0 | 4.50 | * Added support for Process Tampering Detection. | January 11, 2021 | | 12.03 | 4.40 | * fixes reporting and a possible crash condition for PipeEvent and RegistryEvent rules. | November 25, 2020 |