HitmanPro.Alert 歷史舊版本 Page3

更新時間：2021-04-20
更新細節：

What's new in this version:

Added:
- Add more environment variables needed for configure scripts: MSYSTEM_PREFIX, MSYSTEM_CARCH, MSYSTEM_CHOST, MINGW_CHOST, MINGW_PREFIX

Changed:
- Update to OpenSSL-1.1.1k
- Update of the SSL CA certificate list
- ridk version: Avoid possible crash due to invalid encoding
- Install pkgconf instead of pkg-config on x86_64 following the change of MSYS2
- Avoid creation of .irbrc if directory isn't writeable
- Update the pacman repos in part 2 in addition to part 1

更新時間：2021-04-20
更新細節：

What's new in this version:

Added:
- Add more environment variables needed for configure scripts: MSYSTEM_PREFIX, MSYSTEM_CARCH, MSYSTEM_CHOST, MINGW_CHOST, MINGW_PREFIX

Changed:
- Update to OpenSSL-1.1.1k
- Update of the SSL CA certificate list
- ridk version: Avoid possible crash due to invalid encoding
- Install pkgconf instead of pkg-config on x86_64 following the change of MSYS2
- Avoid creation of .irbrc if directory isn't writeable
- Update the pacman repos in part 2 in addition to part 1

更新時間：2021-04-20
更新細節：

What's new in this version:

Added:
- Add more environment variables needed for configure scripts: MSYSTEM_PREFIX, MSYSTEM_CARCH, MSYSTEM_CHOST, MINGW_CHOST, MINGW_PREFIX

Changed:
- Update to OpenSSL-1.1.1k
- Update of the SSL CA certificate list
- ridk version: Avoid possible crash due to invalid encoding
- Install pkgconf instead of pkg-config on x86_64 following the change of MSYS2
- Avoid creation of .irbrc if directory isn't writeable
- Update the pacman repos in part 2 in addition to part 1

更新時間：2021-04-20
更新細節：

What's new in this version:

Added:
- Add more environment variables needed for configure scripts: MSYSTEM_PREFIX, MSYSTEM_CARCH, MSYSTEM_CHOST, MINGW_CHOST, MINGW_PREFIX

Changed:
- Update to ruby-2.5.9, see release notes
- Update to OpenSSL-1.1.1k
- Update of the SSL CA certificate list
- ridk version: Avoid possible crash due to invalid encoding
- Install pkgconf instead of pkg-config on x86_64 following the change of MSYS2
- Avoid creation of .irbrc if directory isn't writeable
- Update the pacman repos in part 2 in addition to part 1

更新時間：2021-04-14
更新細節：

更新時間：2021-02-02
更新細節：

更新時間：2020-12-28
更新細節：

What's new in this version:

- Encoding.default_encoding and filesystem encoding is now UTF-8
- The UTF-8 option is removed from the installer
- Legacy console encoding can still be set manually per RUBYOPT=-Elocale

更新時間：2020-12-07
更新細節：

What's new in this version:

Changed:
- When crawling for the first time, if the user-entered URL redirects (for example http to https or to www), WebCopy will now prompt to use the final URL

Fixed:
- Changing the URL of an existing project caused further crawling to instantly fail if the domain of the new URL did not match the old [#367] (regression in 1.8.1)
- Added a speculative fix for a hang when crawling a website with the experimental "use web browser" option enabled
- The GUI client now correctly allows unescaped URLs to be entered
- When using the "Use query string in local file names" option, WebCopy now correctly sanitises the query string
- Fixed a crash that occurred when trying to empty the destination folder using the 64bit version of WebCopy

Removed:
- Aero glass effects used by Windows 7 have been removed

更新時間：2020-12-07
更新細節：

What's new in this version:

HitmanPro.Alert 3.8.8 Build 887
Added:
- HeapHeapProtect: Code running in dynamic memory, in RUNDLL32.EXE and REGSVR32.EXE, can no longer manipulate other dynamic memory. This proactively helps against many backdoor tools, trojans and ransomware families.
- Tamper Protection by filtering process and thread handles against terminate, suspend and injection. Also added menu item to settings menu
- Automatic protection of Microsoft Access against exploitation
- DLL Hijacking protection on HitmanPro malware scanner to prevent privilege escalation

Improved:
- Alert report now includes a list of services if a process runs as a service
- CryptoGuard-only now also enables anti-malware
- GUI: Added anti-malware menu item to settings menu
- GUI: EULA on install dialo
- Windows on ARM: Now offloads SHA-256 calculation to hardware via NEON instructions, resulting in 7 times performance boost
- Windows on ARM: Fixed last scan timestamp
- AmsiGuard: Now supports unloading of AMSI.DLL
- ApplicationLockdown: Prevent execution of an Visual Basic file via EXPLORER.EXE from an Office application
- CredGuardSAM: Prevent registry command line tool from dumping credentials
- WipeGuard: Volume Boot Record (VBR) protection and alert details
- Minifilter driver altitude, lowered from 345800 to 221600, to prevent third party minifilters from adversely affecting ransomware detection

Fixed:
- CodeCave: coding error that could cause certain rare applications to crash
- CodeCave: False alarms when application is packed with boxedApp packer
- ACPProtection: False alarms when application is packed with boxedApp packer
- ApiSetGuard: False alarms on a standard DLLMain implementation that does nothing but returning 0 or 1
- CryptoGuard 5: False alarm in combination with Dropbox
- CryptoGuard 5: False alarm when deleting many files on and endpoint protected by Bitdefender’s CryptoStore feature
- HeapHeapProtect: Applications under attack could crash when the used shellcode caused an unaligned stack
- Crash in Equation Editor when under attack, caused by Data Execution Prevention (DEP)
- Italian string in Systray context menu


HitmanPro.Alert 3.8.6 Build 875
- Updated CryptoGuard to version 5.5. This new version offers improved performance on systems with high-end hardware (e.g. NVMe M.2 SSDs)
- Improved CryptoGuard detection
- Improved WoW64 mitigation
- Improved upgrade of build 7xx to a 8xx build
- Improved installer to detect partial old installation
- Improved the internal updater to check more frequent for updates
- Various minor improvements
- All binaries built with Visual C++ 16.6.1 with Spectre mitigations


HitmanPro.Alert 3.8.4 Build 871
- Change log not available for this version


HitmanPro.Alert 3.8.3 Build 869
Fixed:
- handle leak in Alert's service process
- compatibility with BoxedApp applications
- event log to show the timestamp in local time instead of UTC time
- a device reference counting issue in the driver related to WipeGuard mitigation

Improved:
- CryptoGuard 5 algorithms
- APC mitigation
- DEP mitigation
- HeapHeapProtect detection
- HeapSpray mitigation
- SysCall mitigation
- the update pending message to be shown more frequent instead of just once
All binaries built with Visual C++ 16.5.3 with Spectre mitigations


HitmanPro.Alert 3.8.2 Build 867
- Change log not available for this version


HitmanPro.Alert 3.8.1 Build 863
- Improved CryptoGuard 5 detection
- Improved minifilter performance
- Improved compatibility with VMware ThinApp applications
- Improved compatibility with BoxedApp applications
- Improved compatibility with Checkpoint
- Various minor improvements to alert reports
- Fixed CTF Guard false alarms on some computers
- Fixed RDP Guard showing a flyout on non-RDP sessions on Windows 7
- Fixed HeapHeapProtect false alarms on Visual FoxPro applications
- Fixed APC mitigation false alarms on some .NET 1.1 applications
- Fixed Generic.Ransom.E false alarms on LSASS.exe on 64-bit computers
- All binaries built with Visual C++ 16.4.3 with Spectre mitigations


HitmanPro.Alert 3.8.0 Build 861
- Improved CryptoGuard 5 performance
- Improved suppress alert event user interface
- Fixed issue in CryptoGuard 5 causing BSOD when copying large files over SMB
- Fixed potential local privilege escalation (LPE)


HitmanPro.Alert 3.7.12 Build 861
- Improved CryptoGuard 5 performance
- Improved suppress alert event user interface
- Fixed issue in CryptoGuard 5 causing BSOD when copying large files over SMB
- Fixed potential local privilege escalation (LPE)


HitmanPro.Alert 3.7.12 Build 793
- Change log not available for this version


HitmanPro.Alert 3.7.11 Build 791
- Improved CryptoGuard to handle a deficiency in Windows leveraged by the RIPlace evasion technique
- Fixed a CryptoGuard EFS false positive on LSASS (Local Security Authority Sub System)


HitmanPro.Alert 3.7.10 Build 789
- Fixed rare stack alignment issue on Windows 10 build 1903 (19H1) caused by recent Keystroke Encryption change
- Improved compatibility with Webroot security software, fixing application crashes
- Improved compatibility with Bitdefender security software, fixing application crashes
- Improved compatibility with Trend Micro security software, fixing application crashes
- Improved compatibility of CTFGuard with VMware ThinApp


HitmanPro.Alert 3.7.10 Build 787
- Change log not available for this version


HitmanPro.Alert 3.7.9 Build 779
- Change log not available for this version


HitmanPro.Alert 3.7.9 Build 777
- Improved Code injection, which will result in faster boot times on Windows 10. It also fixes a rare issue a few Windows 10 users had where the system did not finish boot correctly
- Improved Heap Heap Protect mitigation as it should now play more nicely with certain .NET applications
- Improved Hardware Assisted Control-Flow Integrity, our Last Branch Record CPU assisted ROP mitigation, to fix false positives we're seeing on some newer CPUs
- Improved Alert info regarding our real-time Anti-Malware and Code Cave mitigation
- Fixed Rare bug in CryptoGuard which sometimes forgot to make a backup of a file - which you could lose in the event of a ransomware attack


HitmanPro.Alert 3.7.9 Build 775
- Change log not available for this version


HitmanPro.Alert 3.7.9 Build 773
- Changed name for "Dynamic Shellcode Mitigation" to "Heap Heap Protect"
- Improved Heap Heap Protect
- Improved CodeCave
- Fixed Trend Micro Intruder/Safe Browsing incompatibility


HitmanPro.Alert 3.7.9 Build 771
- Change log not available for this version


HitmanPro.Alert 3.7.9 Build 759
- Added Mitigation of local privilege escalation via Task Scheduler (CVE-2018-8440 / @SandboxEscaper)
- Added Compatibility with Windows 10 Redstone 5
- Improved WipeGuard mitigation handling VBR sectors
- Improved Asynchronous Procedure Call (APC) Mitigation
- Improved SEHOP mitigation performance improvement
- Improved Compatibility with 3rd party products that use PUSH/RET in their API hooks
- Improved Windows Vista code injection
- Fixed Compatibility with Windows XP Embedded POSReady 2009
- Fixed Compatibility with Microsoft Edge Application Guard (WDAG) failed to start
- Fixed Compatibility with Microsoft Hyper-V failed to start
- Fixed Compatibility with F-Secure DeepGuard
- Fixed False positive ROP detection (stack-based) in Google Chrome 69 caused by (DRM) widevinecdm.dll
- Fixed Security issue (CVE assigned)
- Updated Botan 2.7.0
- Updated Sqlite 3.24.0
- Updated All code compiled with Visual Studio C++ 15.8.4
- Disabled hardware-assisted ROP mitigation on Chrome 67 (or newer) due to their use of RETpoline
- Removed Network Lockdown mitigation (deprecated) / hmpnet.sys


HitmanPro.Alert 3.7.8 Build 751
- Change log not available for this version


HitmanPro.Alert 3.7.8 Build 750
- Change log not available for this version


HitmanPro.Alert 3.7.6 Build 739
- Change log not available for this version


HitmanPro.Alert 3.7.6 Build 738
- Change log not available for this version


HitmanPro.Alert 3.7.6 Build 737
- Change log not available for this version


HitmanPro.Alert 3.7.3 Build 729
- Change log not available for this version


HitmanPro.Alert 3.7.1 Build 723
- Added Real-Time Anti-Malware, which works with the HitmanPro cloud
- Added Credential Theft Protection, which prevents theft of authentication passwords and hash information. Prevents Mimikatz-style attacks
- Added Local Privilege Guard, which stops specific exploitation of the operating system kernel. Prevents an attacker from using the privilege information of another process
- Added Code Cave mitigation, which stops backdoors in trusted code. Prevents e.g. Backdoor Factory and Shellter-style attacks
- Added Sticky Keys mitigation, which prevents abuse of the Microsoft sticky key feature and is typically used by attackers to gain persistence
- Added Application Verifier mitigation, which prevents abuse of the Application Verifier feature of Windows (eg. Double Agent code-injection)
- Improved Asynchronous Procedure Call (APC) mitigation to improve compatibility with third-party security solutions on Windows 10 version 1709 (Fall Creators Update)
- Added protection against dropping shellcode straight into memory from VBA macro code. This mitigation is part of Load Library and triggers a Shellcode alert
- Added protection against compilation of arbitrary code straight into memory from an application under exploit mitigations, like Office. Such attacks can bypass whitelisting based protection like Windows Defender Device Guard
- Added automatic protection of Microsoft Outlook (under the Office category) to defend against e.g. DDE attacks embedded in the body of malicious emails or calendar invites
- Improved Hollow Process mitigation to block hijacking of a remote main thread to run arbitrary code
- Improved Import Address Table Address Filtering (IAF) exploit mitigation
- Improved code injection of the HitmanPro.Alert Support Library (DLL)
- Improved upgrade when running in 'Anti-ransomware only' mode
- Improved DLL hijack mitigation which loaded an incorrect DLL on WoW64 processes
- Fixed Intruder alert in Firefox when Norton is installed (e.g. Norton Security)
- Fixed a ROP technique detection on pidgenx.dll when trying to activate Microsoft Office
- Fixed a CallerCheck alert associated with Microsoft Power Query and CLR.DLL
- Fixed a DEP mitigation triggered in some Microsoft Excel macro's
- Fixed a compatibility issue with Microsoft Hyper-V on Windows 10 version 1709 (Fall Creators Update)
- Fixed a minor memory leak originating from the CryptoGuard anti-ransomware mitigation
- Many other minor fixes and improvements


HitmanPro.Alert 3.6.7 Build 604
- Fixed CryptoGuard false positive


HitmanPro.Alert 3.6.6 Build 593
- Change log not available for this version


HitmanPro.Alert 3.6.5 Build 592
- Change log not available for this version


HitmanPro.Alert 3.6.4 Build 588
- Change log not available for this version


HitmanPro.Alert 3.6.4 Build 586
- Fixed bug in CryptoGuard correlation

更新時間：2020-12-07
更新細節：

What's new in this version:

- Added keyboard video seeking with up and down keys
- F3 / Ctrl+F search hotkey improved
- Modal dialogs improved
- Better organizing on categories section
- Font family selection under Options > Appearance
- Some bugfixes