4.4.7.1

Owned by Noah Greenberg

Last updated: Apr 05, 2024

1 min read

Features

More telemetry for process creations and incidents
- User SID
- User down-level logon name
- Whether or not the process is elevated (Run As Administrator)
Incidents now report where iterative data access occurred

Fixes

Reduced memory usage during periods of server connectivity issues and heavy telemetry occurring at once
Reduced memory usage during incident reporting

MD5 Hashes

service.exe  = 0df0b7d76abd0978734ac961cd4cddaf
CCRRSecMon.sys (Windows7)        = dced5933e7b3e720a72160eb32cd83cb
CCRRSecMon.sys (Windows8)        = e14aa1324a9a42958cd955b9fffd4f79
CCRRSecMon.sys (Windows10)       = 9d2edcf2288e7563892dac6300517102