Sysmon v11.0, LiveKD v5.63, Process Explorer v16.32, Coreinfo v3.5

Published Apr 28 2020 12:45 PM 5,327 Views
Sysmon v11.0
This major update to Sysmon includes file delete monitoring and archive to help responders capture attacker tools, adds an option to disable reverse DNS lookup, replaces empty fields with ‘-‘ to work around a WEF bug, fixes an issue that caused some ProcessAccess events to drop, and doesn’t hash main data streams that are marked as being stored in the cloud.
LiveKD v5.63
This update fixes a regression with enumerating and dumping Hyper-V partitions on recent versions of Windows 10.
Coreinvo v3.5
This release of Coreinfo, a tool that shows system CPU, memory and cache topology and information, now reports the status of restricted guest virtualization on Intel platforms.
Process Explorer v16.32
This update resolves an issue where the application icon in the tree view was displayed incorrectly.
Version history
Last update:
‎Apr 28 2020 12:45 PM
Updated by: