4.4.8.0
Features
Kernel-mode Authenticode telemetry
For increased speed and reliability, certificate data for process creations and incidents will be recorded by the driver alone.
This update does not remove dependencies on Windows cryptography libraries, but conducts cryptographic calculations in parallel. Eventually the dependency on Windows may be entirely removed.
Fixes
Reduced memory usage and CPU time spent on attempted event submission when offline, during which telemetry is securely stored until the machine regains connectivity to Cyber Crucible servers.
Some Nvidia driver installers believed they didn’t have privilege to install due to use of an internal Microsoft kernel function to attempt to access Cyber Crucible installed files.
Fixed incompatibility with JWE mode and DMZ mode
MD5 Hashes
service.exe = 5189fe49a1bfade50766fce2a1980eef
CCRRSecMon.sys (Windows7) = 342dd1bbe5f5dfcffe7752b74b34a9e8
CCRRSecMon.sys (Windows8) = a20c9cca59be651db7ae69f9f1f64cf2
CCRRSecMon.sys (Windows10) = a3cf6860d3f059a1ab38ee7b2d82b097