Skip to content
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions chapters/sysmon-changelog.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@

| Version | Schema | Features | Release |
|---------|--------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------|
| 15.15 | 4.90 | * Fixes a hang that occurs when memory is constrained.<br>* Improves FsFilter performance.<br>* Fixes two rare crashes related to FileBlockShredding and PipeEvent. | July 23, 2024 |
| 15.0 | 4.90 | * Sysmon service now runs as a Protected Process Light (PPL), hardening it against tampering.<br>* Added FileExecutableDetected (EventID 29) to log creation of new executable (PE) files without blocking.<br>* Fixed a system hang from a network/file-system event interaction. | June 27, 2023 |
| 14.1 | 4.83 | * Added FileBlockShredding (EventID 28) to detect and block file shredding/wiping by tools such as Sysinternals SDelete. | October 8, 2022 |
| 14.0 | 4.82 | * Added FileBlockExecutable (EventID 27) - the first Sysmon event that blocks an action on rule match, blocking creation of executable (PE) files. | August 2022 |
| 13.01 | 4.50 | * Fixed regression bug where several event types where not logged. | January 13, 2021 |
| 13.0 | 4.50 | * Added support for Process Tampering Detection. | January 11, 2021 |
| 12.03 | 4.40 | * fixes reporting and a possible crash condition for PipeEvent and RegistryEvent rules. | November 25, 2020 |
Expand Down
Loading