{"id":8693,"date":"2019-02-23T00:07:00","date_gmt":"2019-02-22T23:07:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=8693"},"modified":"2019-02-21T15:00:16","modified_gmt":"2019-02-21T14:00:16","slug":"sysmon-v9-0-and-autoruns-v13-94-release","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/02\/23\/sysmon-v9-0-and-autoruns-v13-94-release\/","title":{"rendered":"SYSMON v9.0 and AUTORUNS v13.94 release"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2013\/03\/winb.jpg\" width=\"58\" align=\"left\" height=\"58\">Just a short note for Windows users and administrators. Mark Russinovich released the tools SYSMON v9.0 and AUTORUNS v13.94 from the Sysinternals suite on February 19, 2019. <\/p>\n<p><!--more--><\/p>\n<p>It had already been expected for a few days, as I noticed from various tweets. Then I was already informed about the update on Thursday by the following tweet (thanks to @PhantomofMobile).<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"de\">\n<p lang=\"en\" dir=\"ltr\">SYSMON v9.0 and AUTORUNS v13.94 HAVE BEEN RELEASED:<br \/>There still may be some delay in realizing.<\/p>\n<p>ICYMI: <a href=\"https:\/\/twitter.com\/SBSDiva?ref_src=twsrc%5Etfw\">@SBSDiva<\/a> <a href=\"https:\/\/twitter.com\/AskWoody?ref_src=twsrc%5Etfw\">@AskWoody<\/a> <a href=\"https:\/\/twitter.com\/AdminKirsty?ref_src=twsrc%5Etfw\">@AdminKirsty<\/a> <a href=\"https:\/\/twitter.com\/thurrott?ref_src=twsrc%5Etfw\">@thurrott<\/a> <a href=\"https:\/\/twitter.com\/maryjofoley?ref_src=twsrc%5Etfw\">@maryjofoley<\/a> <a href=\"https:\/\/twitter.com\/bdsams?ref_src=twsrc%5Etfw\">@bdsams<\/a> <a href=\"https:\/\/twitter.com\/mehedih_?ref_src=twsrc%5Etfw\">@mehedih_<\/a> <a href=\"https:\/\/twitter.com\/ruthm?ref_src=twsrc%5Etfw\">@ruthm<\/a> <a 
href=\"https:\/\/twitter.com\/SwiftOnSecurity?ref_src=twsrc%5Etfw\">@SwiftOnSecurity<\/a> <a href=\"https:\/\/twitter.com\/pcper?ref_src=twsrc%5Etfw\">@pcper<\/a> <a href=\"https:\/\/twitter.com\/MalwareJake?ref_src=twsrc%5Etfw\">@MalwareJake<\/a> <a href=\"https:\/\/twitter.com\/tweet_alqamar?ref_src=twsrc%5Etfw\">@tweet_alqamar<\/a> <a href=\"https:\/\/twitter.com\/JobCacka?ref_src=twsrc%5Etfw\">@JobCacka<\/a> <a href=\"https:\/\/twitter.com\/etguenni?ref_src=twsrc%5Etfw\">@etguenni<\/a><a href=\"https:\/\/t.co\/oOZMOgkSE9\">https:\/\/t.co\/oOZMOgkSE9<\/a><\/p>\n<p>\u2014 Crysta T. Lacey (@PhantomofMobile) <a href=\"https:\/\/twitter.com\/PhantomofMobile\/status\/1098437889023664128?ref_src=twsrc%5Etfw\">21. Februar 2019<\/a><\/p><\/blockquote>\n<p><span id=\"preserve7b62e6e0f13b4d70af623b14221d09ad\" class=\"wlWriterPreserve\"><SCRIPT charset=\"utf-8\" src=\"https:\/\/platform.twitter.com\/widgets.js\" async><\/SCRIPT><\/span>  <\/p>\n<p>The description of the changes in <a href=\"https:\/\/blogs.technet.microsoft.com\/sysinternals\/2019\/02\/19\/sysmon-v9-0-autoruns-v13-94\/\" target=\"_blank\">this Technet article<\/a> is very compact &#8211; there are smaller fixes and group rules in Sysmon:&nbsp; <\/p>\n<ul>\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/sysinternals\/downloads\/sysmon\" target=\"_blank\">Sysmon 9.0<\/a>: Sysmon v9.0 introduces rule groups that enable the specification of AND or OR matching logic across a set of rules. It also fixes a memory leak in signature verification.<\/li>\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/sysinternals\/downloads\/autoruns\" target=\"_blank\">Autoruns 13.94<\/a>: This Autoruns update fixes a bug that prevented the correct display of the target of image hosts such as svchost.exe, rundll32.exe, and cmd.exe. 
<\/li>\n<\/ul>\n<p>The links point to the descriptions with the download addresses of these free tools.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Just a short note for Windows users and administrators. Mark Russinovich released the tools SYSMON v9.0 and AUTORUNS v13.94 from the Sysinternals suite on February 19, 2019.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1547,22],"tags":[677,1836],"class_list":["post-8693","post","type-post","status-publish","format-standard","hentry","category-software","category-update","tag-sysinternals-tools","tag-udate"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/8693","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=8693"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/8693\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=8693"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=8693"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=8693"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}