Microsoft Does Something Useful, Adds Sysmon to Windows

Accepted submission by upstart at 2026-02-05 19:03:35
News

████ # This file was generated bot-o-matically! Edit at your own risk. ████

Microsoft does something useful, adds Sysmon to Windows [theregister.com]:

There is good news for administrators: Microsoft has delivered on its promise to build Sysmon functionality into Windows.

The functionality [windows.com] arrived in the Dev and Beta Windows Insider channels this week in builds 26300.7733 and 26220.7752, respectively. It allows administrators to capture system events via custom configuration files, filter for specific events, and write them to the standard Windows event log for pickup by third-party applications, including security tools.

Sysmon, part of the Sysinternals toolset, has long been useful for monitoring Windows' internals. Mark Russinovich, Microsoft technical fellow and co-founder of Winternals, from whence Sysinternals (and Sysmon) sprang, said [microsoft.com]: "It helps in detecting credential theft, uncovering stealthy lateral movement, and powering forensic investigations.

"Its granular diagnostic data feeds security information and event management (SIEM) pipelines and enables defenders to spot advanced attacks."

But deployment has been painful for administrators, managing potentially thousands of endpoints across an enterprise that need to be kept. Russinovich noted "a lack of official customer support for Sysmon in production environments."

Having it built in (though disabled by default) is therefore welcome, a respite from Microsoft's relentless AI integrations across its portfolio.

Enabling it requires some work with PowerShell, which shouldn't trouble Sysmon-savvy users. Microsoft notes that any existing Sysmon installation must be uninstalled before the built-in version can be enabled.

After a month of patches that Microsoft would rather forget [theregister.com], Sysmon's arrival is a genuinely positive update.

Rather than adding font effects to Notepad and more AI [theregister.com], or turning Paint into a Photoshop knockoff, Microsoft is delivering a tool that actually makes administrators' lives easier - perhaps a sign it's taking user needs more seriously than shareholder demands.

Who are we kidding? ®
