Probably one of the most valuable suites of tools for managing and protecting Windows systems is the Sysinternals utilities. The invention of Mark Russinovich, who now serves as the CTO of Azure for Microsoft, Sysinternals digs deep into Windows, providing management features that Microsoft seemingly forgot. The suite of tools sees constant updates to improve functionality.
Yesterday, four of the tools were updated with new capabilities. Here's what's available:
AccessChk v6.0 – AccessChk is a command-line utility that shows both effective and actual permissions for registry keys, files, services, kernel objects, and other securable objects. This update adds the ability to show the permissions and security descriptors assigned to event logs, and incorporates owner-rights accesses into its permissions evaluations.
Autoruns v13.4 – Autoruns was just updated last month, but now sits at version 13.4 with the update. Autoruns shows what executables, DLLs, and drivers are configured to automatically start and load. With this update it now reports Office addins, adds several additional autostart locations, and no longer hides hosting executables like cmd.exe, powershell.exe and others when Windows and Microsoft filters are in effect.
Process Monitor v3.2 – Process Monitor is a real-time system monitoring utility that captures registry, file system, process and thread, CPU, DLL and network activity. Version 3.2 adds an option to show all file system values in hexadecimal, adds additional error code and file system control strings, and fixes a bug that prevented boot capture on Windows 10.
VMMap v3.2 – VMMap allows you to analyze the virtual and physical memory usage of a process. This update serves to fix a bug that prevented it from working with the 2 TB reserved memory region introduced to support Control Flow Guard (CFG).
You can grab the individual updates or the entire stack of 46 utilities from the Sysinternals Suite page.