Stable Sysmon 15.x version.

sreejesh chethil 40 Reputation points
2024-02-21T18:49:30.3166667+00:00

We deployed Sysmon v15.12 and ran into an issue with random crashes on Windows servers. Can you recommend a stable version of Sysmon which has a fix for CVE-2023-29343 & CVE-2022-41120? TIA

Sysinternals

Accepted answer
  1. Raydo Matthee 75 Reputation points
    2024-02-24T04:48:46.6833333+00:00

    For addressing your concern with Sysmon v15.12 crashes, Sysmon v15.14 is recommended as it likely includes stability improvements and patches for CVE-2023-29343 & CVE-2022-41120.

    Be sure to review the change log for v15.14, and test in a controlled environment before deployment. For the most accurate and detailed information, refer to the official Sysmon documentation and Sysmon's GitHub repository.

    For a comprehensive understanding and research on Sysmon, you might explore the following resources:

    • IEEE Xplore: Offers in-depth studies on leveraging Sysmon logs for threat detection. View here.
    • arXiv: Provides insights into serverless computing optimizations, relevant for cloud environments using Sysmon. Read more.
    • GitHub: A hub for Sysmon configurations, rules, and community contributions. Explore topics.
    • Microsoft Learn: The official source for Sysmon documentation, updates, and usage. Check Sysmon documentation.

    These resources cover theoretical and practical aspects of Sysmon, enhancing your understanding of its application in security monitoring.

    This guidance is generated by an AI based on available data, and it's crucial to verify with the latest resources.

