New Windows 11 Preview Adds Sysmon, Fixes Explorer Issues

[harlan4096]

Microsoft has released Windows 11 Insider Preview Build 26220.7752 (KB5074177) to the Beta Channel, which includes native Sysmon support and a few targeted fixes. This build is based on Windows 11 version 25H2 and is available now for Insiders who are part of the Beta Channel.

As with previous Beta channel builds, changes are divided between those that are rolled out gradually to systems with the “Get the latest updates as they are available” toggle enabled, and fixes that are applied more broadly over time.

Native Sysmon Support Now Included in Windows

The first and most important change in this build is the inclusion of built-in Sysmon, which no longer requires a separate Sysinternals download.

Sysmon is a tool that logs detailed system events for use in threat detection, auditing, and forensic analysis. These events are sent to the Windows Event Log, making them compatible with security tools and custom workflows.

Sysmon is disabled by default and needs to be manually enabled.

How to Enable Native Sysmon Support

There are two ways to turn on built-in Sysmon:

Using Settings

• Open Settings
  
• Go to System > Optional features
  
• Select More Windows features
  
• Check Sysmon and apply changes
  

Continue Reading...