Home
%3CLINGO-SUB%20id%3D%22lingo-sub-726095%22%20slang%3D%22en-US%22%3ESysmon%20v9.0%2C%20Autoruns%20v13.94%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-726095%22%20slang%3D%22en-US%22%3E%0A%20%26lt%3Bmeta%20http-equiv%3D%22Content-Type%22%20content%3D%22text%2Fhtml%3B%20charset%3DUTF-8%22%20%2F%26gt%3B%3CSTRONG%3EFirst%20published%20on%20TechNet%20on%20Feb%2019%2C%202019%20%3C%2FSTRONG%3E%20%3CBR%20%2F%3E%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsysinternals%2Fdownloads%2Fsysmon%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%20Sysmon%209.0%20%3C%2FA%3E%20%3CBR%20%2F%3E%20%3CSPAN%3E%20Sysmon%20v9.0%20introduces%20rule%20groups%20that%20enable%20the%20specification%20of%20AND%20or%20OR%20matching%20logic%20across%20a%20set%20of%20rules.%20It%20also%20fixes%20a%20memory%20leak%20in%20signature%20verification.%20%3C%2FSPAN%3E%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsysinternals%2Fdownloads%2Fautoruns%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EAutoruns%2013.94%20%3C%2FA%3E%20%3CBR%20%2F%3E%20%3CSPAN%3E%20This%20Autoruns%20update%20fixes%20a%20bug%20that%20prevented%20the%20correct%20display%20of%20the%20target%20of%20image%20hosts%20such%20as%20svchost.exe%2C%20rundll32.exe%2C%20and%20cmd.exe.%20%3C%2FSPAN%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-726095%22%20slang%3D%22en-US%22%3EFirst%20published%20on%20TechNet%20on%20Feb%2019%2C%202019%20Sysmon%209.%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-726095%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Eautoruns%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Esysmon%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft
First published on TechNet on Feb 19, 2019
Sysmon 9.0
Sysmon v9.0 introduces rule groups that enable the specification of AND or OR matching logic across a set of rules. It also fixes a memory leak in signature verification.

Autoruns 13.94
This Autoruns update fixes a bug that prevented the correct display of the target of image hosts such as svchost.exe, rundll32.exe, and cmd.exe.