HitmanPro.Alert - development versions

Ircus

Very active
Expert
Joined
26 May 2010
Posts
12824
Reactions/Likes
43169
HitmanPro.Alert 3.7.4 Build 734 BETA

Changelog (compared to [log in or register to view])

  • Improved Credential Theft Protection, which now terminates applications that attempt to access LSASS in an offending way.
  • Improved error handling when activating a trial or product key
  • Improved startup time of the HitmanPro.Alert Service
  • Improved mini-filter performance which speeds up CryptoGuard
  • Improved CryptoGuard to handle compressed PDF files more accurately
  • Improved Application Lockdown with detailed thumbprint generation for script-based attacks and to block abuse of Certutil and Python
  • Improved event logging of APC mitigation alerts
  • Added Event ID 800 (malware detected) to the custom HitmanPro.Alert view in the Windows Event Log
  • Added malware detections to the "Number of alerts" counter on the HitmanPro.Alert user interface
  • Added support for Spectre mitigations; i.e. our binaries are now compiled with /Qspectre compiler switch
  • Added offline indicator when the HitmanPro Anti-Malware Cloud is unreachable
  • Fixed the "Scan failed" issue which could occur when pressing the "Scan Computer" or "Scan with HitmanPro" button
  • Fixed unexpected behavior of Safe Browsing to improve detection and prevent false positives
  • Fixed issue that prevented proper disabling of Exploit Mitigations on Java binaries
  • Fixed rare issue that caused a hanging thread (locked a file) when CryptoGuard creates a file backup
  • Fixed an issue with code injection on Windows XP
  • Fixed an issue with the Reflective DLL Injection mitigation (part of Load Library mitigation)
  • Fixed an issue with the Windows 10 Start Menu
  • Fixed an issue when importing previously exported settings
  • Fixed a rare issue that could cause a BSoD mentioning partmgr.sys
  • Several other minor fixes and improvements
Download (with drivers co-signed by Microsoft)

Ircus

HitmanPro.Alert 3.7.7 Build 746 BETA
Changelog (compared to [log in or register to view])

  • Improved General performance
  • Improved Credential Theft Protection, LSASS protection
  • Improved Java mitigation profile, removed obsolete protections for Java processes
  • Improved Intruder detection for trickbot
  • Improved Office & IE11 compatibility
  • Added wmic.exe to Application Lockdown to block abuse used in SquiblyTwo attack
  • Added Japanese language
  • Fixed Bug in mono (.NET xPlatform lib) causing a CallerCheck
  • Fixed IE Godmode False positives
  • Fixed Potential BSOD in CryptoGuard
  • Fixed LoadLib Alert in Firefox when loading NPAPI plugin(s)
  • Fixed Windows 7 hanging on shutdown
  • Fixed WipeGuard on Hyper-V guest systems
  • Several other minor fixes and improvements

Ircus

HitmanPro.Alert 3.7.8 Build 750 Release Candidate
Changelog (compared to [log in or register to view])

  • Improved process startup performance of applications protected with Exploit Mitigations
  • Improved Hardware Assisted Control-Flow Integrity (HA-CFI) performance by increasing the LBR stack-pool
  • Improved Code Cave Mitigation
  • Improved Asynchronous Procedure Call (APC) Mitigation
  • Improved Thumbprint technology on the CallerCheck exploit mitigation, which now allows us to whitelist e.g. a CreateProcess from the 1Password just-in-time .NET code running inside a web browser or Outlook as a plug-in
  • Fixed a crash occurring during a specific ROP exploit attack, e.g. during attack on CVE-2018-9958
  • Fixed issue with Microsoft Edge browser on Windows 10 Redstone 4 32-bit (x86)
  • Fixed a false positive in Chrome caused by the Dynamic Heap Spray exploit mitigation
  • Added a workaround for an issue with Chrome 67 (and newer) which triggered our Hardware Assisted Control-Flow Integrity (HA-CFI) now that Chrome generates ROP chains on the fly for a legitimate reason. Note that the workaround is that we disabled the use of LBR records during ROP checks on Chrome 67 (and newer).
  • Added list of loaded modules to the alert details of the WipeGuard and CryptoGuard modules, to help with triaging attacks originating from trusted processes
Download (with drivers co-signed by Microsoft)

Ircus

HitmanPro.Alert 3.7.8 Build 751 Release
As many of you noticed, HitmanPro.Alert ran into an issue yesterday. The issue was caused by the Microsoft Azure node in Europe and mainly affected users located in the EU. As some of you know, we temporarily switched EU users to the node in the United States as a workaround.
In the meantime, we found the issue that caused the crash of our HitmanPro.Alert Service. We also crafted a proper fix and, at this very moment, all our users are updated automatically to HitmanPro.Alert 3.7.8 build 751.

Release notes (compared to build 750)
  • Fixed issue with cloud communication component.

Ircus

HitmanPro.Alert 3.7.9 Build 759 Release
HitmanPro.Alert 3.7.9 Build 759 Release Candidate

Changelog (compared to [log in or register to view])

  • Added Mitigation of local privilege escalation via Task Scheduler (CVE-2018-8440 / @SandboxEscaper)
  • Added Compatibility with Windows 10 Redstone 5
  • Improved WipeGuard mitigation handling VBR sectors
  • Improved Asynchronous Procedure Call (APC) Mitigation
  • Improved SEHOP mitigation performance improvement
  • Improved Compatibility with 3rd party products that use PUSH/RET in their API hooks
  • Improved Windows Vista code injection
  • Fixed Compatibility with Windows XP Embedded POSReady 2009
  • Fixed Compatibility with Microsoft Edge Application Guard (WDAG) failed to start
  • Fixed Compatibility with Microsoft Hyper-V failed to start
  • Fixed Compatibility with F-Secure DeepGuard
  • Fixed False positive ROP detection (stack-based) in Google Chrome 69 caused by (DRM) widevinecdm.dll
  • Fixed Security issue (CVE assigned)
  • Updated Botan 2.7.0
  • Updated Sqlite 3.24.0
  • Updated All code compiled with Visual Studio C++ 15.8.4
  • Disabled hardware-assisted ROP mitigation on Chrome 67 (or newer) due to their use of RETpoline
  • Removed Network Lockdown mitigation (deprecated) / hmpnet.sys




Ircus

HitmanPro.Alert 3.7.9 Build 761 BETA

Changelog (compared to [log in or register to view])


Added
  • Improved Shellcode mitigation (system-wide) to detect backdoor stage/payload on the heap
  • Improved Code Cave mitigation (system-wide) to detect rare Shellter Pro binaries configured with uncommon evasion techniques
Improved
  • CryptoGuard to block specific variants of the Dharma ransomware, that include needless action to thwart behavior monitoring
  • Dynamic Heap Spray Mitigation to allow certain memory block patterns
Fixed
  • Compatibility issue with ESET Smart Security in combination with Google Chrome
  • Rare BSOD in WipeGuard when it was running out of stack
  • Process Protection user interface menu now correctly disables the features when no valid license is present
  • Automatic update when running HitmanPro.Alert in Anti-Ransomware (CryptoGuard) only

OXYGEN THIEF

Very active
Staff Member
Administrator
Joined
26 May 2010
Posts
35550
Reactions/Likes
24586
City
Trololololo
HitmanPro.Alert 3.7.9 Build 763 Release Candidate

Changelog (compared to [log in or register to view])


Added
  • New Lolbin to Application Lockdown
Improved
  • Code Cave mitigation (system-wide) to detect rare Shellter Pro binaries configured with uncommon evasion techniques
  • Dynamic Heap Spray Mitigation to allow certain memory block patterns
Fixed
  • Auto update when installed in CryptoGuard only mode


al

Forum Marshal
Staff Member
Administrator
Joined
22 July 2012
Posts
9844
Reactions/Likes
10469
City
Somewhere over the rainbow.
HitmanPro.Alert 3.7.9 Build 767 Release Candidate 3

Changelog (compared to [log in or register to view])
Added
  • Dynamic Shellcode Mitigation (Helps prevent threat actors from loading unsafe code into memory) protection can now be turned on/off - however the mitigation is still in detect only mode.
Improved
  • Reduction of false-positives for DEP alerts in case of crashing applications.
  • Reduction of false-positives for Code Cave alerts on .NET applications.
Fixed
  • WipeGuard can now handle disks with other sector sizes than 512.
  • CodeCave triggered falsely during process initialization.
