Update: Sysmon v4.12, Autologon v3.1, Sigcheck v2.54, Process Monitor v3.31
This release of Sysmon, an advanced background monitor that records process-related activity to the event log for use in intrusion detection and forensics, introduces more powerful filtering capabilities, now reports the status of CRL checking and fixes a bug where certain configuration files could cause the driver to blue screen.
This update to Sigcheck, a command-line utility that reports detailed information about images, including their signatures and VirusTotal status, as well as certificate stores, fixes a bug that could result in it reporting signed files that have been modified as having a valid signature.
Autologon, a utility that configures Windows to automatically log on a specified user account after booting, now validates the entered credentials before accepting them.
Process Monitor v3.31
This release of Process Monitor, an advanced real-time file system, registry, process, image and network monitoring tool, fixes a bugs that caused it to crash when processing some boot logs and when saving logged events to a backing file.