HitmanPro.Alert 3 Release History

Build 604 (2017-06-22)

  • Added Asynchronous Procedure Call (APC) mitigation which protects against the DoublePulsar code injection. This mitigation is part of Risk Reductions > Process Protection.
  • Improved CryptoGuard
  • Improved compatibility with Steam
  • Improved path translation for thumbprints
  • Improved DLL injection to respect Protected Process and Trustlets
  • Fixed compatibility when installing inside QEMU/KVM hypervisor
  • Fixed compatibility with Symantec Endpoint Protection on Windows XP
  • Fixed compatibility with Firefox 52 (or newer) on Windows XP

Build 592 (2017-05-11)

  • Fixed CryptoGuard false positive

Build 588 (2017-03-30)

  • Fixed IAT Filtering (IAF) false positive when starting an application (occurred randomly)
  • Fixed Intruder false positive caused when DLLs are frequently loaded/unloaded
  • Fixed ROP while handling an exception in 64-bit applications
  • Fixed 32-bit binaries no longer require an SSE capable CPU
  • Improved CryptoGuard by adding support for additional file types

Build 586 (2017-02-10)

  • Fixed bug in CryptoGuard correlation

Build 584 BETA (2017-02-07)

  • Improved installer/uninstaller
  • Improved compatibility with MBAE, MBAM v3 and EMET
  • Improved CallerCheck mitigation
  • Improved DEP mitigation
  • Improved compatibility with software using delay-loaded user32.dll
  • Fixed issue with Forza Horizon 3 failing to start
  • Fixed issue with Enpass UWP failing to start
  • Fixed rare crash in Mozilla Firefox when running with Norton
  • Fixed rare crash in conhost.exe
  • Fixed rare BSOD in WipeGuard in combination with some USB fixed disks
  • Fixed small memory leak
  • The issue with Overwatch was fixed by Blizzard

Build 580 BETA (2017-01-20)

  • Fixed BSOD in CryptoGuard
  • Fixed BSOD in WipeGuard

Build 579 BETA (2017-01-18)

  • Microsoft co-signed both hmpnet.sys and hmpalert.sys drivers

Build 578 BETA (2017-01-16)

  • Improved compatibility with third-party applications trying to modify our DLL in-memory
  • Improved compatibility with Turbo.net (or Spoon.net) applications
  • Improved Self Protection
  • Improved ROP exploit mitigation
  • Improved CryptoGuard
  • Added tamper protection to CryptoGuard minifilter
  • Added Hangul Word Processor to Software Radar
  • Fixed rare crash in Firefox caused by misaligned stack
  • Fixed compatibility with Trusteer Rapport on 32-bit browsers
  • Updated Network Filtering component
  • Updated Libpng library to latest version
  • Updated sqlite3 library to latest version

Build 574 (2016-11-29)

  • Added thumbprint based suppression technology
  • Improved CryptoGuard
  • Improved BadUSB enable/disable
  • Improved Application Lockdown
  • Improved DEP mitigation reporting detaills
  • Improved LoadLib mitigation
  • Improved WipeGuard
  • Improved SEHOP mitigation
  • Improved compatibility with 32-bit Java desktop applications requiring 1GB+ memory
  • Improved colored window border to support app windows (eg. KeePass)
  • Fixed support for Windows XP
  • Fixed Intruder detection on Websense DLL in 64-bit browser processes
  • Fixed ROP detection in Photoshop Elements Editor
  • Several minor improvements

Build 562 (2016-09-23)

  • Added CryptoGuard 4.5
  • Improved LoadLib mitigation technical details
  • Fixed LoadLib mitigation false positive on computers with specific old Hewlett Packard printer driver
  • Fixed typo in Dutch language
  • Updated Danish language

Build 558 (2016-09-09)

  • Added compatibility for computers running Windows 10 Anniversary Update with SecureBoot enabled
  • Improved CryptoGuard ransomware detection
  • Improved CryptoGuard on Distributed File Systems (DFS)
  • Improved compatibility with Norton Security
  • Improved compatibility with Trend Micro
  • Improved compatibility with Bitdefender on 64-bit computers
  • Improved compatibility with Trusteer Rapport on 64-bit computers
  • Fixed CryptoGuard false positive while previewing many Excel files
  • Fixed BSOD caused by WipeGuard resource locking

Build 546 (2016-07-22)

  • Version 3.5
  • Added CryptoGuard 4th generation
  • Added WipeGuard mitigation
  • Added DLL hijack mitigation on downloaded binaries
  • Added Hardware-Assisted IAT filtering
  • Added Import and Export of Settings
  • Improved Hardware-Assisted Control-Flow Integrity (CFI) mitigation
  • Improved ROP mitigation
  • Improved CallerCheck mitigation
  • Improved Heap Spray mitigation
  • Improved Hollow Process mitigation
  • Improved Application Lockdown
  • Improved Colored Window Border
  • Improved overall mitigation performance
  • Improved reporting details
  • Improved compatibility hooks
  • Improved 3rd party trampoline handling
  • Improved support for binaries with Intel® MPX instructions
  • Fixed Software Radar incorrectly detecting 64-bit applications
  • Various minor improvements

Build 374 (2016-06-21)

  • Improved CryptoGuard to detect Zyklon ransomware.
  • Improved CryptoGuard handling of network based renames.
  • Improved callstack report.
  • Fixed rare BSOD when local ransomware encrypts local file share.
  • Fixed off-by-one issue in command line parser.
  • Fixed ROP mitigation caused urlmon false negative.
  • Fixed ROP mitigation caused advapi32 false positive.
  • Several minor improvements.

Build 373 (2016-05-30)

  • Improved compatibility with Firefox 46.
  • Improved compatibility with Bitdefender 2016.
  • Improved Attack Surface Reduction compatibility with System Mechanic.
  • Improved ROP mitigation.
  • Fixed ROP false positive in Microsoft Office (occurs on some computers).
  • Fixed code injection issue with Windows 7 KB3146706.

Build 368 (2016-04-27)

  • Improved compatibility with Firefox 46.
  • Improved SysCall mitigation (part of Control-Flow Integrity) on Windows 10 Redstone.
  • Improved Colored Window Border.
  • Improved hardware-assisted ROP mitigation performance.

Build 367 (2016-04-26)

  • Added mitigation to prevent regsvr32.exe abuse via COM scriptlets.
  • Fixed ROP false positive in Microsoft Office (occurs on some computers).
  • Improved Skype detection in software radar.
  • Improved short filename (8.3) handling in software radar.

Build 364 (2016-04-08)

  • Fixed an issue with Application Lockdown mitigation on browsers.

Build 363 (2016-04-06)

  • Fixed an issue related to trial activation (bug introduced in build 351).
    If you wanted to try HitmanPro.Alert before but received the error message "This computer already had a free trial", you may want to try again with this new build.

Build 362 (2016-04-04)

  • Improved CryptoGuard mitigation (Anti-Ransomware) to fix a bug introduced with build 357.
  • Improved ROP mitigations.
  • Improved keystroke scrambling of Keystroke Encryption.
  • Fixed compatibility with VirtualBox hardening.
  • Fixed compatibility with Microsoft Edge 31.14279 (Redstone).
  • Fixed compatibility with Microsoft OneNote' e-mail function.
  • Updated embedded libpng library.

Build 360 (2016-02-25)

  • Improved CryptoGuard mitigation (Anti-Ransomware).
  • Improved BadUSB mitigation.
  • Improved user interface icon strip double click handling.
  • Fixed rare BSOD in hmpnet.sys.

Build 357 (2016-02-12)

  • Added support for Windows 10 Insider Preview build 14251 (Redstone).
  • Fixed hmpnet.sys not enabling on Windows 8 (or newer).
  • Fixed crash when passing additional argument along /install command line switch.
  • Fixed SelfProtection false positive.
  • Fixed Teredo Tunneling Adapter. It is no longer disabled.
  • Changed Vaccination default from Active to Passive on fresh installs.
  • Improved CryptoGuard mitigation (Anti-Ransomware).
  • Improved BadUSB mitigation.
  • Improved upgrade of BadUSB and Vaccination settings.
  • Improved compatibility with Emsisoft Internet Security 11.0.0.6131.
  • Improved compatibility with Avast! on Windows 8.1 x64.
  • Improved compatibility with Kaltura.
  • Improved uninstall information.
  • Improved uninstall of hmpnet.sys on 32-bit systems.
  • Added protection against DLL preloading attacks.
  • Updated several translations.

Build 351 (2016-01-19)

  • Added Silent Audit feature.
  • Added dual code signed signatures (Authenticode) on EXE, DLL and SYS files.
  • Improved Webcam Notifier to support Windows Hello.
  • Improved feedback to user when failing to activate a product key.
  • Improved keystroke encryption when BadUSB is disabled.
  • Improved settings upgrade from old version of Alert.
  • Fixed keystroke encryption compatibility with Trusteer Rapport.
  • Fixed race condition when specifying both /install and /lic command line switches.
  • Fixed rare BSOD in hmpnet driver on some Windows 10 computers (build 10586).
  • Changed BadUSB protection default to off for new installs.
  • Updated network component for improved compatibility and performance.

Build 344 (2015-12-11)

  • Improved ROP mitigations.
  • Fixed compatibility with Telegram Desktop.
  • Fixed compatibility with Sophos Web Interceptor.
  • Fixed compatibility with Sophos SafeGuard Encryption.
  • Added Swedish language.
  • Updated Polish language.
  • Updated Indonesian language.

Build 343 (2015-12-08)

  • Improved hardware-assisted ROP mitigation.
  • Improved DEP mitigation.
  • Improved BadUSB mitigation.
  • Improved upgrade procedure.
  • Improved hooking engine.
  • Fixed compatibility with Avast! on 64-bit systems.
  • Fixed keystroke encryption compatibility with Trusteer Rapport.

Build 340 (2015-11-25)

  • Added full support for Windows 10, including TH2.
  • Added support for Microsoft Edge browser.
  • Added Exploit Mitigation support for Windows Apps (Metro applications).
  • Added Anti-Ransomware install mode.
    This mode supports Windows Server 2008 R2 (or newer) environments. Requires Server license.
  • Added support for 6th generation Intel® Core™ processors (codename Skylake).
  • Added SysCall mitigation (thanks Niels Warnars).
  • Added WoW64 mitigation.
  • Added untrusted font mitigation for computers running Windows 10.
  • Added VTable Hijack mitigation on Adobe Flash.
  • Added new Colored Window Border implementation to support Windows Apps (Metro applications).
  • Added new Keystroke Encryption implementation.
  • Added GUI access to alert logs in Windows Event Viewer (on Windows Vista and newer).
  • Added Control Flow Guard support.
    All binaries of HitmanPro.Alert have been compiled with Control Flow Guard (CFG).
  • Improved DEP mitigation.
  • Improved ROP mitigation (thanks Niels Warnars).
  • Improved Heap Spray mitigation.
  • Improved Stack Exec mitigation.
  • Improved Stack Pivot mitigation.
  • Improved Safe Browsing intruder detection.
  • Improved USB keyboard handling.
  • Improved Installer/uninstaller.
  • Added Arabic language.
  • Added Danish language.
  • Added Indonesian language.

Build 209 (2015-11-03)

  • Improved Safe browsing intruder scanner.
  • Improved Heap Spray mitigation.
  • Updated network filtering component.

Build 208 (2015-10-21)

  • Fixed compatibility with Spotify 1.0.16.

Build 207 (2015-10-14)

  • Improved Windows 10 compatibility.
  • Improved compatibility with Kaspersky 16.
  • Improved compatibility with Norton Security 22.5.4.
  • Improved compatibility with Comodo IceDragon browser.
  • Improved colored windows border on Windows 10.
  • Improved network filtering.

Build 196 (2015-07-07)

  • Improved Load Library mitigation.
  • Improved CryptoGuard.
  • Fixed compatibility with Distributed File Servers (DFS).
  • Fixed network issue with Windows Offline Folders failing to synchronize.
  • Fixed keystroke encryption with backslash key on numeric keypad and dedicated volume up/down keys.
  • Fixed DEP mitigation false positive on 32-bit processes (eg. Firefox).

Build 193 (2015-06-18)

  • Improved upgrade experience from HitmanPro.Alert version 2 to version 3.
  • Improved Keystroke Encryption in combination with browser add-ons running as separate process.
  • Improved Keystroke Encryption which sometimes dropped out due to race condition triggered by 3rd party security products performing arbitrary thread injection.

Build 190 (2015-05-29)

  • Improved Stack Pivot exploit mitigation (kudos to Niels Warnars for reporting).
  • Improved Application Lockdown exploit mitigation (kudos to Niels Warnars for reporting).
  • Improved VBScript God Mode exploit mitigation now honors security zone settings.
  • Improved rendering of icons of protected applications on computers with Display on Larger DPI setting.
  • Fixed memory leak in HitmanPro.Alert service.
  • Added Turkish language (thanks to Bekir Ucarci).

Build 187 (2015-05-01)

  • Added application exclusion to Exploit mitigations. Scroll to the far right on the 'Your applications' panel to access this new feature, which should only be used for rare occasions when an application is incompatible with Alert's library.
  • Improved CryptoGuard mitigation.
  • Improved BadUSB compatibility with OEM keyboards.
  • Improved BadUSB compatibility with the Surface Home Button on Microsoft Surface Pro tablets.
  • Improved BadUSB compatibility with keyboards with macro functionality.
  • Improved Keystroke Encryption which sometimes dropped out after using Windows-key.
  • Improved compatibility with Microsoft Office add-ins based on .NET, e.g. gSyncit.
  • Improved Network Lockdown compatibility with the Malwarebytes Anti-Malware Web Access Control driver on Windows 8.
  • Improved Software Radar to detect web browsers that do not immediately register themselves as browser upon installation, e.g. Cyberfox.
  • Improved Dynamic Heap Spray mitigation.
  • Improved compatibility with Trusteer Rapport.
  • Improved VBScript God Mode mitigation (part of Application Lockdown).
  • Fixed Application Lockdown false positive on SharePoint based websites.
  • Fixed rare BSOD in HitmanPro.Alert driver.
  • Updated language strings.

Build 183 (2015-04-17)

  • Improved DEP mitigation.
  • Improved HeapSpray mitigation.
  • Improved Control-Flow Integrity mitigation.
  • Improved Lockdown mitigation.
  • Improved Shellcode mitigation.
  • Improved compatibility with RapidMiner.
  • Improved compatibility with Kaltura.
  • Fixed false positive on streaming sites using Silverlight; eg. Netflix.com and itvonline.nl.
  • Fixed apostrophe and quote character encryption in Internet Explorer on Windows 7.
  • Fixed right-click properties alert in Internet Explorer.
  • Fixed flyout not appearing when an update is pending.

Build 181 (2015-04-08)

  • Improved Shellcode mitigation.
  • Improved Keystroke Encryption on applications in the Other category.
  • Fixed loss of Keystroke Encryption which could occur when the HitmanPro.Alert service was restarted.
  • Changed default flyout to 'Once per logon session'.
  • Changed default Live Keystroke Encryption in Colored window border to Off.

Build 180 (2015-04-07)

  • Initial public release of HitmanPro.Alert 3.0.

Build 137 (2015-01-16)

Release Candidate 2

Build 120 (2014-10-03)

Release Candidate 1

Build 90 (2014-10-03)

Community Technology Preview 4

Build 79 (2014-09-02)

Community Technology Preview 3

Build 73 (2014-07-25)

Community Technology Preview 2

Build 63 (2014-07-10)

Community Technology Preview 1
World's first Anti-Exploit solution with Hardware-Assisted Control-Flow Integrity (CFI).
Return-Oriented Programming (ROP) mitigations for both 32-bit and 64-bit COTS binaries.

Version 2.5.6 (2013-11-22)

Added CryptoGuard support for Windows File Sharing (SMB).
CryptoGuard now protects documents and files shared on the network against remote crypto-ransomware attacks.
Reference

Version 2.5 (2013-11-05)

World's first Anti-Ransomware solution incorporating CryptoGuard technology.
Reference


About Us

SurfRight, the creators of HitmanPro, joined the Sophos family in 2015. We are innovators in online security, focused on developing new applicable technologies to fight malware, spam, phishing and other forms of cybercrime with experience and products stretching back over 30 years. Today our products help secure the networks used by 100 million people in 150 countries and 100,000 businesses, including Pixar, Under Armour, Northrop Grumman, Xerox, Ford, Avis, and Toshiba.