Skip to content

Update Sysmon changelog through latest release#51

Merged
darkoperator merged 1 commit into
trustedsec:masterfrom
einlamye:guide-pr3-changelog-refresh
Jun 30, 2026
Merged

Update Sysmon changelog through latest release#51
darkoperator merged 1 commit into
trustedsec:masterfrom
einlamye:guide-pr3-changelog-refresh

Conversation

@einlamye

Copy link
Copy Markdown
Contributor

The changelog table had not been updated since v13.01 (January 2021). This adds the major
releases since then, including the event types this guide documents (FileBlockExecutable,
FileBlockShredding, FileExecutableDetected). Each row is sourced from Microsoft or reputable
write-ups; releases that could not be confidently sourced were intentionally omitted rather than
guessed.

Changes

  • chapters/sysmon-changelog.md — added (newest-first):
    • 15.15 (schema 4.90, Jul 23 2024) — memory-constrained hang fix, FsFilter perf, FileBlockShredding/PipeEvent crash fixes.
    • 15.0 (schema 4.90, Jun 27 2023) — service runs as Protected Process Light (PPL); FileExecutableDetected (EventID 29).
    • 14.1 (schema 4.83, Oct 8 2022) — FileBlockShredding (EventID 28).
    • 14.0 (schema 4.82, Aug 2022) — FileBlockExecutable (EventID 27), the first blocking event.

Sources

@darkoperator darkoperator merged commit 141bec0 into trustedsec:master Jun 30, 2026
2 of 4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants