4 Windows Sysinternals tools got updates today. These are Process Explorer v16.32, Sysmon v11.0, Coreinfo v3.5, and LiveKD v5.63 that received some bug fixes through the release.
You can download the updated version of the Sysinternals utilities from the bottom section here.
Table of Contents
Process Explorer v16.32, Sysmon v11.0, and LiveKD Coreinfo v3.5 Changelog
Here is the Changelog –
Process Explorer v16.32
Process Explorer v16.32 fixes the application icon in the tree view that was shown incorrectly.
Sysmon v11.0
This major update to Sysmon incorporates file delete monitoring and archive to help responders capture attacker tools. The release replaces empty fields with ‘-‘ to solve a WEF bug and adds an option to disable reverse DNS lookup. Furthermore, it fixes an issue that leads to some ProcessAccess events to drop and does not hash the main data streams that are marked as being stored in the cloud.
Coreinfo v3.5
You know Coreinfo is the tool to show system CPU, memory, and cache topology and information of a system. With this update, it will now onward reports the status of restricted guest virtualization on Intel platforms.
LiveKD v5.63
This release resolves a regression with enumerating and dumping Hyper-V partitions on recent editions of Windows 10.
See – How to Update Entire Windows Sysinternals Tools automatically Otherwise, Download the updated Sysinternals utilities latest version –
1] https://download.sysinternals.com/files/ProcessExplorer.zip
2] https://download.sysinternals.com/files/Sysmon.zip
2] https://download.sysinternals.com/files/Coreinfo.zip
3] https://docs.microsoft.com/en-us/sysinternals/downloads/livekd
That’s all!!!