%3CLINGO-SUB%20id%3D%22lingo-sub-725961%22%20slang%3D%22en-US%22%3EUpdates%3A%20VMMap%20v3.1%2C%20RAMMap%20v1.11%2C%20Handle%20v3.46%2C%20Process%20Explorer%20v14.12%20and%20Mark%E2%80%99s%20Blog%3A%20Analyzing%20a%20Stuxnet%20Infection%20with%20the%20Sysinternals%20Tools%2C%20Part%203%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-725961%22%20slang%3D%22en-US%22%3E%0A%20%26lt%3Bmeta%20http-equiv%3D%22Content-Type%22%20content%3D%22text%2Fhtml%3B%20charset%3DUTF-8%22%20%2F%26gt%3B%3CSTRONG%3E%20First%20published%20on%20TechNet%20on%20May%2018%2C%202011%20%3C%2FSTRONG%3E%20%3CBR%20%2F%3E%3CDIV%20class%3D%22mcePaste%22%20id%3D%22_mcePaste%22%20style%3D%22position%3A%20absolute%3B%20width%3A%201px%3B%20height%3A%201px%3B%20overflow%3A%20hidden%3B%20top%3A%200px%3B%20left%3A%20-10000px%3B%22%3E%3F%3C%2FDIV%3E%3CBR%20%2F%3E%3CP%3E%3CA%20href%3D%22http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fsysinternals%2Fdd535533%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%20VMMap%20v3.1%20%3C%2FA%3E%20%3A%20VMMap%2C%20a%20process%20virtual%20and%20physical%20memory%20analyzer%2C%20now%20shows%20the%20ASLR%20status%20of%20images%20and%20reports%20%E2%80%9Cunusable%E2%80%9D%20virtual%20memory%20regions.%3C%2FP%3E%3CBR%20%2F%3E%3CP%3E%3CA%20href%3D%22http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fsysinternals%2Fff700229%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%20RAMMap%20v1.11%20%3C%2FA%3E%20%3A%26nbsp%3BThis%20update%20to%20RAMMap%2C%20a%20system%20memory%20usage%20analyzer%2C%20adds%20command-line%20options%20for%20loading%20files%20and%20exporting%20scans%2C%20creates%20a%20file%20association%20and%20fixes%20several%20bugs.%3C%2FP%3E%3CBR%20%2F%3E%3CP%3E%3CA%20href%3D%22http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fsysinternals%2Fbb896655%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%20Handle%20v3.46%20%3C%2FA%3E%20%3A%20This%20update%20has%20Handle%20use%20the%20same%20helper%20driver%20as%20Process%20Explorer.%3C%2FP%3E%3CBR%20%2F%3E%3CP%3E%3CA%20href%3D%22http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fsysinternals%2Fbb896653%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%20Process%20Explorer%20v14.12%20%3C%2FA%3E%20%3A%20This%20update%20fixes%20a%20bug%20that%20prevents%20removal%20of%20tray%20icons%20under%20certain%20conditions.%3C%2FP%3E%3CBR%20%2F%3E%3CP%3E%3CA%20href%3D%22http%3A%2F%2Fblogs.technet.com%2Fb%2Fmarkrussinovich%2Farchive%2F2011%2F05%2F10%2F3422212.aspx%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%20Mark%E2%80%99s%20Blog%3A%20Analyzing%20a%20Stuxnet%20Infection%20with%20the%20Sysinternals%20Tools%2C%20Part%203%20%3C%2FA%3E%20%3A%20Mark%20wraps%20up%20his%20three-part%20series%20that%20shows%20how%20Process%20Monitor%2C%20Process%20Explorer%2C%20Autoruns%20and%20VMMap%20provide%20a%20comprehensive%20overview%20of%20the%20infection%20steps%20and%20operation%20of%20the%20infamous%20Stuxnet%20virus.%3C%2FP%3E%3CBR%20%2F%3E%3CP%3E%3C%2FP%3E%0A%20%0A%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-725961%22%20slang%3D%22en-US%22%3EFirst%20published%20on%20TechNet%20on%20May%2018%2C%202011%20%3FVMMap%20v3.%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-725961%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Ehandle%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Emarks%20blog%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Eprocess%20explorer%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Erammap%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Evmmap%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft
First published on TechNet on May 18, 2011
?

VMMap v3.1 : VMMap, a process virtual and physical memory analyzer, now shows the ASLR status of images and reports “unusable” virtual memory regions.


RAMMap v1.11 : This update to RAMMap, a system memory usage analyzer, adds command-line options for loading files and exporting scans, creates a file association and fixes several bugs.


Handle v3.46 : This update has Handle use the same helper driver as Process Explorer.


Process Explorer v14.12 : This update fixes a bug that prevents removal of tray icons under certain conditions.


Mark’s Blog: Analyzing a Stuxnet Infection with the Sysinternals Tools, Part 3 : Mark wraps up his three-part series that shows how Process Monitor, Process Explorer, Autoruns and VMMap provide a comprehensive overview of the infection steps and operation of the infamous Stuxnet virus.