You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -67,8 +67,8 @@ On November 12, 2024, it was discovered that manually running a custom query rul
* Allows {elastic-defend} to bypass network traffic from other computers when promiscuous mode is enabled on Windows.
* Fixes a bug with the `get-file` Endpoint response action. When you used the `get-file` response action to retrieve a Windows Alternate Data Stream, the resulting `.zip` archive would contain a checksum error that made it unusable by most zip tools.
* Increases the maximum number of ETW buffers that {elastic-defend} can use.
* Fixes a bug where {elastic-defend} was omitting MD5 and SHA-1 hashes in events and alerts unless a user had explicitly enabled them via advanced policy. This 8.17.0 change was not supposed to go live until 8.18.0.
* Fixes an issue where {elastic-defend} was not correctly populating `event.created` for process events on Windows.
* Fixes a bug where {elastic-defend} was omitting MD5 and SHA-1 hashes in events and alerts unless a user had explicitly enabled them using the advanced policy. This 8.17.0 change was not supposed to go live until 8.18.0.
* Fixes an issue where {elastic-defend} wasn't correctly populating `event.created` for process events on Windows.
