Features

• Kernel-mode Authenticode telemetry

  • For increased speed and reliability, certificate data for process creations and incidents will be recorded by the driver alone.

  • This update does not remove dependencies on Windows cryptography libraries, but conducts cryptographic calculations in parallel. Eventually the dependency on Windows may be entirely removed.

Fixes

• Reduced memory usage and CPU time spent on attempted event submission when offline, during which telemetry is securely stored until the machine regains connectivity to Cyber Crucible servers.

• Some Nvidia driver installers believed they didn’t have privilege to install due to use of an internal Microsoft kernel function to attempt to access Cyber Crucible installed files.

• Fixed incompatibility with JWE mode and DMZ mode

MD5 Hashes