Three Sysinternals Utilities Updated: Sysmon, LogonSessions, and VMMap

Three Sysinternals Utilities Updated: Sysmon, LogonSessions, and VMMap

The invention of Mark Russinovich, who now serves as the CTO of Azure for Microsoft, Sysinternals utilities help IT administrators dig deep into Windows and provide valuable information for better understanding management and security of the computer landscape. The suite of tools sees constant updates to improve functionality.

Three of the utilities have now been updated. Here's what's new…

Sysmon v3.1 – Sysmon is a background service for logging security-related activity form Windows processes and networks. This new version adds information about the thread initialization function for CreateRemoteThread events, including the DLL and function name and address. It also changes the format of timestamps to allow for simple string sorting and fixes several bugs.

LogonSessions v1.3 – LogonSessions runs as a command-line utility and collects information about Windows authentication sessions. This update includes options for creating CSV and tab-delimited output for easy import into Excel and other applications.

VMMap v3.21 – VMMap is a utility to show details of a process's virtual and physical memory usage. Version 3.21 just fixes a couple bugs. The first bug is where unused memory was reported as committed, and the other where it omitted call-tree summary statistics.

You can grab the individual updates or the entire stack of 46 utilities from the Sysinternals Suite page: Sysinternals Suite

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish