New Release: Immunet 7.5.8

[Harshal]

Hello all,

We are happy to announce a new release of Immunet 7.5.8!

This latest version of Immunet provides the same great protection against malware and viruses as before, but also includes some new features, enhancements and bug fixes as below.

Changes in 7.5.8

New

• Exploit Prevention
  • Protect processes running from network drives
  • Protect processes running remotely
  • Prevent AppControl bypass through rundll32
  • Prevent Windows User Account Control bypass
  • Protect against credential theft from Internet Explorer and Edge by Mimikatz
  • Detect shadow copy deletion
  • Protect against SAM hash credential theft by Mimikatz
  • Protect previously running processes
  • Fixed exploit prevention compatibility issues with McAfee
  • General Performance Improvements
  • Chrome Credential protection
  • AMSI bypass protection

• Exclusions

  • The connector now supports wildcards (‘*’) in Process Exclusions. This wildcard will not expand beyond path separators
  • Exclusion performance enhancements.

• Miscellaneous

  • Addressed an issue with malicious Ethos file detections not being quarantined if seen more than once
  • Addressed a race condition that may end in BSOD when the driver verifier was used in conjunction with the connector
  • Implemented scan optimization in script protection scanning by using the caching mechanism for unknown disposition
  • New capability to send additional Microsoft Windows update build revision information to improve risk-based OS vulnerability interference capability
  • Improved the uninstall process of the connector
  • Added support for the BypassIO feature in Windows 11
  • This version is the last to support legacy operating systems such as Windows 7 and 8, Server 2012, and all 32-bit versions of Windows.

Bugfixes/Enhancements

 

• Exploit Prevention
  • General performance and stability improvements for the exploit prevention engine
  • Fixed exploit prevention engine compatibility issues with Zoom
  • Fixed a bug that caused Outlook to crash when exploit prevention was enabled
  • Addressed an issue where clients were experiencing a blue screen on Windows Server 2012 with the exploit prevention driver when upgrading to 7.5.1. (CSCwa59221)
  • Addressed an issue that caused exploit prevention to fail to after a connector upgrade. (CSCvz83877)
  • Improved exploit prevention engine for:
  • Script control functionality (wmi detection in plugins/macros)
  • Atom bombing protection mechanism
  • User access control bypass mechanism (false positive reduction)
  • Handling a potential crash in Windows 7
• Behavioural Protection
  • Script protection has been enhanced to use the same core detection engine as behavioural protection to be able to detect fileless malware attacks using a signature-based mechanism
  • Behavioral protection engine improved to be able to match activity on the endpoint that occurs in a specific order
  • Behavioral Protection engine updated to be able to detect command line argument spoofing

You can get the new installer from here https://download.immunet.com/binaries/immunet/bin/ImmunetSetup.exe

Expected upgrade behaviour for Immunet users:
 * Upgrades from versions below 7.0.0 to 7.0.0 and higher require a reboot to complete
 * Upgrades from versions starting 7.0.0 to any higher version do not require a reboot to complete

If you are running an older version of Immunet, you should be able to upgrade via the 'Update Now' button in the UI. If you don't see the update in your UI we recommend uninstalling Immunet and reinstalling the version downloaded from http://www.immunet.com/index