Sysmon v11.10, Sigcheck v2.80, Autoruns v13.98

Published Jun 24 2020 12:20 AM
Microsoft
Sysmon v11.10
This update to Sysmon logs stream content for alternate data streams, introduces the `is-any` filter condition and includes a number of important bugfixes.
 
Sigcheck v2.80
Sigcheck, a flexible tool for showing file versions, file signatures, and certificate stores, introduces a `-p` option for specifying a trust GUID for signature verification, and it now shows certificate signing chains even when a certificate in the chain is untrusted.
 
Autoruns v13.98

This release of Autoruns resolves an issue where Microsoft Defender binaries were being flagged as unsigned.

 

Watch Mark Russinovich discuss these updates, including demos of the new features in Sysmon and Sigcheck, at https://youtu.be/HCZlJDKUqn0

Last update: Jun 24 2020 03:17 AM