Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Request][8.15.4 & 8.16.0] Add RN summary about Defend bug fix #6429

Merged
merged 4 commits into from
Jan 16, 2025
+2 −0
Merged

[Request][8.15.4 & 8.16.0] Add RN summary about Defend bug fix #6429

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
58ffd6f
First draft
nastasha-solomon Jan 15, 2025
68db772
Fixes links
nastasha-solomon Jan 15, 2025
97aa434
Update docs/release-notes/8.15.asciidoc
nastasha-solomon Jan 15, 2025
e5570c9
Update docs/release-notes/8.16.asciidoc
nastasha-solomon Jan 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions docs/release-notes/8.15.asciidoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@
* Fixes a bug where {elastic-defend} could fail to properly enrich Windows API events for short-lived processes on older operating systems that didn't natively include this telemetry, such as Windows Server 2019. This could result in dropped or unattributed API events.
* Ensures that {elastic-defend} does not emit an empty `memory_region` if it can't enrich a memory region in an API event. After this fix, {elastic-defend} removes these fields.
* Fixes an {elastic-defend} bug where Windows API events could be dropped if they contained Unicode characters that couldn't be converted to ANSI.
* Fixes a race condition that could allow an attacker with administrative rights to disable {elastic-defend} on Windows. We would like to acknowledge Sean Moore (@Fr0g) at https://strafecybersecurity.com[strafecybersecurity.com] for their assistance.

[discrete]
[[release-notes-8.15.3]]
Expand Down
1 change: 1 addition & 0 deletions docs/release-notes/8.16.asciidoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -351,6 +351,7 @@ IMPORTANT: Even when the `excludedDataTiersForRuleExecution` advanced setting is
* Fixes a bug that prevented host name uniformity with {beats} products. If you request {elastic-defend} to use the fully qualified domain name (FQDN) in the `host.name` field, {elastic-defend} now reports the FQDN exactly as the OS reports it, instead of lowercasing by default.
* Fixes an {elastic-defend} bug in behavior protection alerts, where prevention alerts could mistakenly be labeled as detection alerts.
* Fixes a bug that caused {elastic-defend} to crash if a Kafka connection is busy.
* Fixes a race condition that could allow an attacker with administrative rights to disable {elastic-defend} on Windows. We would like to acknowledge Sean Moore (@Fr0g) at https://strafecybersecurity.com[strafecybersecurity.com] for their assistance.
* Fixes scenarios where Automatic Import could generate invalid processors containing array access ({kibana-pull}196207[#196207]).
* Improves Timeline's table performance when row renderers are switched on ({kibana-pull}193316[#193316]).
* Fixes misaligned filter control labels on the Alerts page ({kibana-pull}192094[#192094]).
Loading