HitmanPro.Alert

[harlan4096]

HitmanPro.Alert 3.8.12 Build 943 Released

Changes (compared to build 923):

• Added system-wide protection against 'Hell's Gate' defense evasion via direct system calls, or SysCall, on 64-bit applications
  
• Added protection against cloning of LSASS process to Credential Theft Protection
  
• Added support for ReFS file system to CryptoGuard
  
• Added NOTEPAD.EXE to Office template
  
• Added GPT partition support to WipeGuard
  
• Added NVMe support to WipeGuard
  
• Added MITRE ATT&CK references to the CookieGuard, SysCall and RemoteThreadGuard mitigations
  
• Added alerting to our protection of sticky key abuse (and other accessibility features)
  
• Added EA Digital Illusions CE AB to game detection
  
• Improved protection against direct system calls, or SysCall, on 32-bit applications
  
• Improved handling of certificates on code-signed applications
  
• Improved CookieGuard alert with information about the application certificate, if any, in the alert
  
• Improved CookieGuard so it now adds certificate validation information into the alert details
  
• Improved WipeGuard to protection the Volume Boot Record of all mounted partitions. Previously, only the boot partition was protected.
  
• Improved WipeGuard to terminate the offending process. Previously, the offending action was only blocked.
  
• Improved HollowProcess to protect against PEB manipulation in a remote process where PEB is writable
  
• Improved Lockdown mitigation to isolate modules (DLLs) dropped in attacks via Office documents.
  
• Improved the per app mitigation settings in the user interface. It now has room for extra checkboxes.
  
• Change reboot fly-out reminder interval from 1h to 8h
  
• Changed Dynamic Heap Spray detection; it is now disabled on 64-bit applications
  
• Changed text for Benefits button to Help center
  
• Changed Sophos Privacy Notice and Terms of Service
  
• Fixed Keystroke Encryption and BadUSB Protection which caused a BSOD (APC_INDEX_MISMATCH) on Windows 11 with update KB5013943.
  
• Fixed issue that prevented restarting of some protected applications when using the 'restart' function from the ApplicationPanel (Running applications) when changing a setting.
  
• Fixed a compatibility issue between our anti-ransomware CryptoGuard 5 and Artisan scrapping book software from Forever Storage
  
• Fixed displaying icons of UWP applications
  
• Fixed several user interface inconsistencies
  
• Fixed false alarm by APCViolation on Avast 'aswhook' DLL
  
• Fixed false alarm by CookieGuard if application starts from a RAM-drive
  
• Fixed false alarm by HollowProcess on Visual Studio
  
• Fixed issue with Lockdown inheritance when parent process is OpenWith.exe
  
• Fixed issue when a user tries to install HitmanPro.Alert on machine where Sophos Home Premium is already installed
  
• Fixed tray icon burning CPU cycles after install
  
• Fixed unexpected removal of Forza Horizon 5 under UWP exclusions
  
• Updated third-party libraries
  
• Several other changes under the hood
  

Download: https://dl.surfright.nl/hmpalert3b943.exe

In the coming days we are automatically updating our users, starting with machines running build 941 tonight.

A big thank you to all participants who helped us test our beta builds! Awesome!