• What's New
• Change History
• Installation Guide
• SHA-256: a5163f50bd6ce725c4c8638f7505b64bb603ea6bfe3f7d9ed4e403236716f787

Download

Please see the file NEWS for a detailed list of changes.

Note: all versions are functionally equivalent, i.e. each version can handle all executable formats, so you only need the file that runs on your host OS.

Security/VirusTotal links are listed in the pinned issue #437

Download

Release 0.5.4

Download

submodules: Bump outdated

Download

please refer to the Changelog

WARNING: The release will be live within an hour!

Download

v1.15.2784 (Windows 10) and v1.15.2785 (Windows 11) are servicing updates to Windows Terminal Stable v1.15. It is highly recommended that you install this version if you're using Windows 11 22H2 (October Update).

As a reminder, Terminal 1.12 was the last version of Windows Terminal that supports Windows 19H1 or 19H2.
Those versions of Windows went out of support in May, so you really may want to consider upgrading.

A preinstallation kit is available for system integrators and OEMs interested in prepackaging Windows Terminal with a Windows image. More information is available in the DISM documentation on preinstallation. Users who do not intend to preinstall Windows Terminal should continue using the msixbundle distribution.

If you intend on using Terminal as an unpackaged application--that is, extracting the msix file--we recommend that
you use the Win10 bundle. You will need the Visual C++ runtime redistributable.

In addition, if you install the packaged version on either Windows 10 or Windows 11, it now depends on the Visual C++ Universal Runtime Package.

Despite these distributions having different version numbers, they are built from the same code and there is no
functional difference between them.

If you install the Windows 10 version on Windows 11, it will probably automatically upgrade itself to the Windows 11
version.

This servicing release supersedes the v1.15.2712.0 release (not uploaded to GitHub) and contains the following bug fixes and changes:

Changes

• Terminal will now detect the title of a LNK or EXE as the default terminal (backport from 1.16) (#13570)

Bug Fixes

Stability and Security

• Windows Terminal once again works on Windows N (no media) SKUs
• OSC 9;9 will now reject malformed paths (#14093)
• OSC 8 URIs will be limited to 2MB in length, following iTerm2 (and only 1024 bytes will be displayed in the tooltip) (#14198)
• We've fixed some lag and deadlocking that would happen when you close a tab (#14041)
• We will no longer leak OpenConsole processes when they're running a Visual Studio Developer Shell (#14160)
• An application calling system() on its main thread will no longer deadlock itself and Terminal (when Terminal is set as default) (#14195)
• We've fixed a potential race condition causing a crash on tab close (#13882)

Accessibility

• The WPF control now supports accessibility notifications (#14097)
• The Settings UI title/breadcrumb bar is now readable by screen readers (#14180)

Usability

• You can now duplicate unfocused tabs (#13964) (thanks @JerBast!)
• The Open in Terminal shell extension should appear more reliably on the Desktop context menu (#14048) (#14211)
• "Export Text" will no longer suggest illegal filenames (#13693) (thanks @EliaSchiavon!)
• Alt+Space will now open the system menu in the Settings UI and Command Palette (#14221)
• intenseTextStyle is now included properly in the JSON schema (whoops) (#14210) (thanks @neersighted!)

Download

v1.15.2712.0

Download

please refer to the Changelog

Download

See https://frida.re/news/ for details.

Download

See https://frida.re/news/ for details.

Download

This is the second stable release of the Windows Package Manager 1.3.

This release is just for the sake of transparency for Windows Package Manager users. This ensures that the GitHub release is aligned with any changes related to AppInstaller. The changes associated with this release only affect AppInstaller. No additional features or bug fixes related to winget were included.

Experimental features are disabled in this release.

Download

Here on this day of September 2022, we've quashed a number of bugs in the 1.16 preview release and added some new features to boot.
Enjoy!

Changes

• Terminal now understands the sizes of characters newly-added in Unicode 15.0 (#14001)
• We've added support for fractional font sizes (surprise! on a point release!) (#14013) (#14040)
  • If you're using the new text rendering engine plus the Terminus TTF font, you can now select a font size that perfectly matches a bitmap strike . . . and it works!

Bug Fixes

New Rendering Engine

• Bitmap fonts should look much better now (#14014)
  • As a side effect, we are now intentionally ignoring the typographic line gap. We have found that monospaced terminal fonts have a line gap of zero, and the ones that don't should.
  • See above. Some bitmap fonts require fractional point sizes . . . so now you can see them in their full glory!
• On devices that don't support Shader Model 4.0 but do support DirectX 10, we will no longer try to use the glyph atlas (#13994)
  • ... and if we did, we would no longer tell you about the error 10,000 times (#13995) (thanks to @Its-Nevmo and @noinkling for testing!)
• No longer should there be streaks of cursor left all over the left side of the screen (#14038)
• If you were to specify \e#3, we might have crashed before, but now we will not (#13966)
• You can once again use shaders for experimental.pixelShaderPath that are not technically perfect (ones that compile wit warnings) (#13998) (thanks @mrange!)
• Some text (especially that which requires fake italics) should now look less like a RaNsOm nOtE (#14039)
  • It might still look a little bit like a ransom note, sorry. Just less so.

Reliability

• Tabs should no longer take up to infinity seconds to close (#14041)
  • If you see any instances of OpenConsole.exe hanging around after you close a tab (or a whole Terminal), please let us know!
• The "Open in Terminal ..." context menu item should now show up and disappear more reliably (#14048)

Download

This one almost speaks for itself. Dang. Welcome to Terminal: Really Long Release Notes Edition!

Features

• Themes: Terminal now has support for themes! (#12992) (#13049) (#13178) (#13348) (#13465) (#13689) (#13702) (#13871)
  • To celebrate this, we've changed the default theme to Windows Dark. If you are not happy about that, you can change it back to light or anything you like (#13743)
• New Text Rendering Engine
  • The new text rendering engine is now enabled by default in Preview builds (#13752)
  • We've added support for the experimental.pixelShaderPath and experimental.retroTerminalEffect settings... (#13885)
    • ... with a further optimization: shaders that do not use the time component will not trigger a redraw every frame! (#13903)
  • It now supports...
    • experimental.rendering.software (#13886)
    • intenseTextStyle bold (#13458)
    • underline/overline/hyperlink lines (#13587)
  • Glyphs that have not been used in some time will be aged out and replaced (#13458) (#13607) (#13784) (#13477)
  • Performance over RDP to a machine that has no GPU has been improved (#13816)
    • (at the cost of some fidelity)
    • experimental.rendering.software will enable this fallback mode as a last resort for compatibility
  • Glyphs that do not fit in a cell will be scaled up or down as appropriate (#13549), including "Powerline" glyphs (#13650)
  • We've added a setting in the Rendering section, and promoted useAtlasEngine out of the experimental. compartment (#13939)
  • Fonts whose cell sizes were borderline are now rounded instead of clamped to the next pixel size up (#13833)
  • We've made some other correctness and compatibility fixes, far too minute to name (#13956) (#13496) (#13906) (#13530) (#13608)
  • Somewhat as a side effect of all this, you may notice that you're seeing an inverted cursor where you had not previously seen one!
• This release marks the triumphant return of the "adjust brightness of indistinguishable colors" feature... (#13343)
  • ...and it's brought friends: you can now enable it for all color pairs (#13512)
  • You can enable it with the profile setting adjustIndistinguishableColors (enum never, indexed, always; default never)
• We've redesigned the color schemes page (#13269) and made updates all over the settings UI (#13179) (#13390) (#13378) (#13377) (#13391)
  • New in this release: color scheme previews, and an easy-access "Set as default color scheme" button!
• You can now configure Terminal to hide when it loses focus (#13478) (thanks @davidegiacometti!)
• You can now close all panes other than the focused one with the closeOtherPanes action! (#13547) (thanks @JerBast!)
• There's a new option that lets you configure where new tabs appear: next to the current one, or at the end (#13421) (#13602) (#13469) (thanks @serd2011!)
  • JSON setting newTabPosition (enum afterLastTab (default), afterCurrentTab)
• Tab and Shift+Tab now navigate between hyperlinks in Mark Mode. You can open the selected link with Ctrl+Enter. (#13405) (#13494)
• You can now expandSelectionToWord, which will... well, you know. (#13765)
• We will now try to detect the title when Terminal is launched by default from an LNK file (#13570)
• For the old conhost fans in the room, you can now set experimental.enableColorSelection (global, bool, default false) to add 31 new actions that will highlight search results in the colors of the rainbow (#13429)
  • This conhost feature used to be hidden behind a registry key. If you know about it, I think I'm supposed to say you're "one of the real ones?"

Changes

Interaction

• When in mark mode, its built in key bindings Ctrl+A and the modified arrow keys will take precedence over your key bindings (#13659)
• We've polished how existing selections interact with mark mode (#13893)
• @AdamSotak has added quick access buttons for the source code and filing feedback to the About dialog (#13510) (thanks!)
• When your pane is in a light color scheme, the bell flash will now be dark (#13707) (thanks @Fyrebright!)
• Inverted cursors (which you might find lying around) will now be slightly modulated to account for accidental color overlaps (#13748) (thanks @alabuzhev!)
• When you Select All, we'll scroll to the top of the screen (#13656)
• Multi-line paste will no longer strip newlines if there are other newlines in the content (#13698) (thanks @serd2011!)
  • This is to aid in the pasting (after confirmation, of course!) of multi-line commands.

UI

• @dansmor7 figured out that we don't need to draw our caption buttons ourselves; now they look great on all versions of Windows! (#13341) (thanks!)

Console Compatibility

• We will now discard empty command histories before discarding LRU non-empty ones (#13869) (thanks @serd2011!)
• ReadConsoleOutput will no longer return nonsense if you wrote nonsense to the text buffer (API BREAKING CHANGE) (#13321)

VT Support

• We now support DECBKM (Backarrow Key Mode) (#13894) (thanks @j4james!)
• The slow march to soft font support in Terminal continues . . . (#13362) (thanks @j4james!)

Bug Fixes

Interaction

• Terminal will now use the tab's active title for Export Text (#13915) (thanks @serd2011!)
• The Emoji picker, PinYin IME or any other IME will no longer drift off the bottom of the screen (oops) (#13785)
• The settings UI will now disable "Always show tabs" when "Hide the title bar" is enabled (#13694) (thanks @leejy12!)
• We'll no longer helpfully offer to put things like \\ and : in your filenames for Export Text (oops) (#13693) (thanks @EliaSchiavon!)
• We've fixed command line argument parsing when there was a one-letter argument followed by a ; (#13706) (thanks @serd2011!)
• In the command palette, the 'go back' button will finally returns to the previously selected action (#13504) (thanks @JerBast!)

UI

• No longer is there a 1-pixel gap under inactive tabs (#13897)

Accessibility

• The Command Palette has become much chattier, announcing (to a screen reader) the name of the selected item (#13519)
• Asking for INT_MAX characters via UIA will no longer wig us out or try to send you multiple gigabytes of null bytes (#13779)
  • However, it remains impolite to ask for INT_MAX characters via ITextPattern::GetText.

Performance

• Terminal is now 1.2 megabytes smaller on disk (uncompressed) thanks to not using RTTI (#13947) (thanks RTTI!)
• Updating the jumplist used to happen on every launch. Now it will only happen if you've actually changed your settings (#13692)

Reliability

• Fixed a number of crashes, not all of which were common or user-impacting:
  • Attempted a fix for the SignalTextChanged crash (#13876)
  • Attempted another fix, this time for the _refreshSizeUnderLock crash (#13857)
  • Fixed a crash in _WritePseudoWindowCallback (#13777)
  • Fixed a crash on exit with the command palette open (#13778)
  • Fixed a race condition in UpdatePatternLocations (#13859)
  • Fixed two race conditions around pseudo window visibility (#13832)
  • Fixed a crash in NVDA, caused by us considering a specific text range invalid (#13907)
  • Fixed a ControlCore race condition on connection close (#13882)
  • Fixed a crash on settings reload (#13644)
  • Fixed a crash when showTabsInTitlebar:false (#13561)
  • Fixed crash on save in rejuv'd Color Schemes page (#13902)
• Terminal should now more reliably appear in the context menu
• We've stopped conhost from buying the farm when it got --headless without --signal (#13950)

With additional thanks to our documentation and code health contributors @jsoref and @LitoMore.

Download

This release migrates some awesome features, changes and bug fixes from Terminal 1.15 Preview into the stable channel!

• Terminal now supports "Mark Mode", a keyboard-first text selection and navigation mode. The name is an homage to the traditional Windows Console Host!
  • It is bound by default to Ctrl+Shift+M

Please see the following release notes for additional details:

• Windows Terminal Preview v1.15.228
• Windows Terminal Preview v1.15.200
• Windows Terminal Preview v1.15.186

Note that the new text rendering engine and scrollbar mark feature is not included in this Stable build. Yet.

IMPORTANT
This version was made available to the Dev External flighting ring (Windows Insiders) first, and will be
released to general availability one or two weeks later depending on its reliability.

As a reminder, Terminal 1.12 was the last version of Windows Terminal that supports Windows 19H1 or 19H2.
That version of windows is going out of support soon, so you may want to consider upgrading.

A preinstallation kit is available for system integrators and OEMs interested in prepackaging Windows Terminal with a Windows image. More information is available in the DISM documentation on preinstallation. Users who do not intend to preinstall Windows Terminal should continue using the msixbundle distribution.

If you intend on using Terminal as an unpackaged application--that is, extracting the msix file--we recommend that
you use the Win10 bundle. You will need the Visual C++ runtime redistributable.

In addition, if you install the packaged version on either Windows 10 or Windows 11, it now depends on the Visual C++ Universal Runtime Package.

Despite these distributions having different version numbers, they are built from the same code and there is no
functional difference between them.

If you install the Windows 10 version on Windows 11, it will probably automatically upgrade itself to the Windows 11
version. It turns out that it is impossible to have two bundles with the same version number, so it has to be this
way.

In addition to the above, we've backported the following changes and bugfixes from Windows Terminal Preview 1.16:

Changes

Interaction

• When in mark mode, its built in key bindings Ctrl+A and the modified arrow keys will take precedence over your key bindings (#13659)
• We've polished how existing selections interact with mark mode (#13893)

UI

• @dansmor7 figured out that we don't need to draw our caption buttons ourselves; now they look great on all versions of Windows! (#13341) (thanks!)

Bug Fixes

Interaction

• Terminal will now use the tab's active title for Export Text (#13915) (thanks @serd2011!)
• The Emoji picker, PinYin IME or any other IME will no longer drift off the bottom of the screen (oops) (#13785)

Accessibility

• The Command Palette has become much chattier, announcing (to a screen reader) the name of the selected item (#13519)
• Asking for INT_MAX characters via UIA will no longer wig us out or try to send you multiple gigabytes of null bytes (#13779)
  • However, it remains impolite to ask for INT_MAX characters via ITextPattern::GetText.

Performance

• Terminal is now 1.2 megabytes smaller on disk (uncompressed) thanks to not using RTTI (#13947) (thanks RTTI!)

Reliability

• Fixed a number of crashes (smaller number than that in Preview), not all of which were common or user-impacting:
  • Attempted a fix for the SignalTextChanged crash (#13876)
  • Attempted another fix, this time for the _refreshSizeUnderLock crash (#13857)
  • Fixed a crash in _WritePseudoWindowCallback (#13777)
  • Fixed a crash on exit with the command palette open (#13778)
  • Fixed a race condition in UpdatePatternLocations (#13859)
  • Fixed two race conditions around pseudo window visibility (#13832)
  • Fixed a crash in NVDA, caused by us considering a specific text range invalid (#13907)
• Terminal should now more reliably appear in the context menu

With additional thanks to our documentation and code health contributors @jsoref and @LitoMore.

Download

New Features

• add --large-file argument to process larger files
• Python package now contains the signature files to identify library functions

Other Updates

• updated IDA Pro integration and annotation scripts

Download

Please see the file CHANGELOG for a detailed list of changes.

Experimental versions - There may be bugs in the GUI

Download

This is another servicing release for the Preview channel of Windows Terminal! We fixed that Alt+Tab issue!

Note
People in the Beta channel of the Windows Insider program will receive 1.15 as a Stable channel update while we test out coming features for the next version of Windows. It is roughly equivalent to the build included here, but it does not include the experimental text rendering engine.

It contains the following other things as well:

Bug Fixes

Usability

• We've restored the ability for Alt+Tab to restore the Terminal after it was minimized with the taskbar icon (#13624)
• Terminal will no longer replace colored backgrounds with blank spaces on first launch (#13665)
• We will once again display underlines, hyperlinks, and more to the end of the line instead of getting tired and stopping early (#13661)
• Sessions handed off from the Windows Console will no longer stick around with an ominous and annoying "process exited with code ..." message, unless you explicitly configure them to.
  • To accomplish this, we've changed the default value of closeOnExit to a new value, automatic. Automatic close-on-exit determines whether
    to close based on whether the process exited gracefully and whether the process was spawned by Terminal. (#13560) (#13649)
• Select All and Mark Mode will now trigger scrolling to make sure that one of the selection endpoints is visible. (#13660)
• SendInput with high unicode characters will no longer fail (#13667)
• Text input in Japanese, Vietnamese, Korean and Chinese should be more reasonably switch between alphanumeric modes (#13678) (#13677)

Reliability

• We've upgraded to XAML 2.7.3 to fix a crash in closing the Settings page (#13761)
• The "Open Terminal Here" context menu item should show up more reliably (and crash less) (reverted PR #13206)
• We've solved--or at least, reduced the incidence of--one source of deadlocks in rendering (#13758)
• We'll try much harder to defibrillate a Terminal session that can't talk to the "primary" Terminal session to improve reliability (#13604)
• We will now listen to signals the OS sends us telling us that it's taking us down for an update. It's not going to help us stop it form happening,
  but it puts us in a better position to handle it later (#13614)

Performance

• We're preparing to fix an issue with jump list generation that results in a slower-than-expected launch (but we aren't there yet) (#13688)
• There is now only one tab color picker in the world, and all users terminal tabs now have to share it (to improve performance) (#13736

Download

This servicing release of Windows Terminal v1.14 originally became available in the Release Preview channel on August 17th

A preinstallation kit is available for system integrators and OEMs interested in prepackaging Windows Terminal with a Windows image. More information is available in the DISM documentation on preinstallation. Users who do not intend to preinstall Windows Terminal should continue using the msixbundle distribution.

If you intend on using Terminal as an unpackaged application--that is, extracting the msix file--we recommend that
you use the Win10 bundle. You will need the Visual C++ runtime redistributable.

In addition, if you install the packaged version on either Windows 10 or Windows 11, it now depends on the Visual C++ Universal Runtime Package.

Despite these distributions having different version numbers, they are built from the same code and there is no
functional difference between them.

If you install the Windows 10 verison on Windows 11, it will probably automatically upgrade itself to the Windows 11
version. It turns out that it is impossible to have two bundles with the same version number, so it has to be this
way.

It contains the following fixes:

• We've upgraded to XAML 2.7.3 to fix a crash in closing the Settings page (#13761)
• The "Open Terminal Here" context menu item should show up more reliably (and crash less) (reverted PR #13206)
• We've solved--or at least, reduced the incidence of--one source of deadlocks in rendering (#13758)
• Terminal will no longer replace colored backgrounds with blank spaces on first launch (#13665)
• We will once again display underlines, hyperlinks, and more to the end of the line instead of getting tired and stopping early (#13661)
• SendInput with high unicode characters will no longer fail (#13667)
• We've restored the ability for Alt+Tab to restore the Terminal after it was minimized with the taskbar icon (#13624)

Download

Some rules contained invalid metadata fields that caused an error when rendering rule hits. We've updated all rules and enhanced the rule linter to catch such issues.

New Rules (1)

• anti-analysis/obfuscation/obfuscated-with-vs-obfuscation jakub.jozwiak@mandiant.com

Bug Fixes

• linter: use pydantic to validate rule metadata #1141 @mike-hunhoff
• build binaries using PyInstaller no longer overwrites functions in version.py #1136 @mr-tz

Raw diffs

• capa v4.0.0...v4.0.1
• capa-rules v4.0.0...v4.0.1

Download

Version 4 adds support for analyzing .NET executables. capa will autodetect .NET modules, or you can explicitly invoke the new feature extractor via --format dotnet. We've also extended the rule syntax for .NET features including namespace and class.

Additionally, new instruction scope and operand features enable users to create more explicit rules. These features are not backwards compatible. We removed the previously used /x32 and /x64 flavors of number and operand features.

We updated 49 existing rules and added 22 new rules leveraging these new features and characteristics to detect capabilities seen in .NET malware.

More breaking changes include updates to the JSON results document, freeze file format schema (now format version v2), and the internal handling of addresses.

Thanks for all the support, especially to @htnhan, @jtothej, @sara-rn, @anushkavirgaonkar, and @_re_fox!

Deprecation warning: v4.0 will be the last capa version to support the SMDA backend.

New Features

• add new scope "instruction" for matching mnemonics and operands #767 @williballenthin
• add new feature "operand[{0, 1, 2}].number" for matching instruction operand immediate values #767 @williballenthin
• add new feature "operand[{0, 1, 2}].offset" for matching instruction operand offsets #767 @williballenthin
• extract additional offset/number features in certain circumstances #320 @williballenthin
• add detection and basic feature extraction for dotnet #987 @mr-tz, @mike-hunhoff, @williballenthin
• add file string extraction for dotnet files #1012 @mike-hunhoff
• add file function-name extraction for dotnet files #1015 @mike-hunhoff
• add unmanaged call characteristic for dotnet files #1023 @mike-hunhoff
• add mixed mode characteristic feature extraction for dotnet files #1024 @mike-hunhoff
• emit class and namespace features for dotnet files #1030 @mike-hunhoff
• render: support Addresses that aren't simple integers, like .NET token+offset #981 @williballenthin
• document rule tags and branches #1006 @williballenthin, @mr-tz

Breaking Changes

• instruction scope and operand feature are new and are not backwards compatible with older versions of capa
• Python 3.7 is now the minimum supported Python version #866 @williballenthin
• remove /x32 and /x64 flavors of number and operand features #932 @williballenthin
• the tool now accepts multiple paths to rules, and JSON doc updated accordingly @williballenthin
• extractors must use handles to identify functions/basic blocks/instructions #981 @williballenthin
• the freeze file format schema was updated, including format version bump to v2 #986 @williballenthin

Deprecation notice: as described in #937, we plan to remove the SMDA backend for v5. If you rely on this backend, please reach out so we can discuss extending the support for SMDA or transitioning your workflow to use vivisect.

New Rules (30)

• data-manipulation/encryption/aes/manually-build-aes-constants huynh.t.nhan@gmail.com
• nursery/get-process-image-filename michael.hunhoff@mandiant.com
• compiler/v/compiled-with-v jakub.jozwiak@mandiant.com
• compiler/zig/compiled-with-zig jakub.jozwiak@mandiant.com
• anti-analysis/packer/huan/packed-with-huan jakub.jozwiak@mandiant.com
• internal/limitation/file/internal-dotnet-file-limitation william.ballenthin@mandiant.com
• nursery/get-os-information-via-kuser_shared_data @mr-tz
• load-code/pe/resolve-function-by-parsing-PE-exports @sara-rn
• anti-analysis/packer/huan/packed-with-huan jakub.jozwiak@mandiant.com
• nursery/execute-dotnet-assembly anushka.virgaonkar@mandiant.com
• nursery/invoke-dotnet-assembly-method anushka.virgaonkar@mandiant.com
• collection/screenshot/capture-screenshot-via-keybd-event @_re_fox
• collection/browser/gather-chrome-based-browser-login-information @_re_fox
• nursery/power-down-monitor michael.hunhoff@mandiant.com
• nursery/hash-data-using-aphash @_re_fox
• nursery/hash-data-using-jshash @_re_fox
• host-interaction/file-system/files/list/enumerate-files-on-windows moritz.raabe@mandiant.com anushka.virgaonkar@mandiant.com
• nursery/check-clipboard-data anushka.virgaonkar@mandiant.com
• nursery/clear-clipboard-data anushka.virgaonkar@mandiant.com
• nursery/compile-dotnet-assembly anushka.virgaonkar@mandiant.com
• nursery/create-process-via-wmi anushka.virgaonkar@mandiant.com
• nursery/display-service-notification-message-box anushka.virgaonkar@mandiant.com
• nursery/find-process-by-name anushka.virgaonkar@mandiant.com
• nursery/generate-random-numbers-in-dotnet anushka.virgaonkar@mandiant.com
• nursery/send-keystrokes anushka.virgaonkar@mandiant.com
• nursery/send-request-in-dotnet anushka.virgaonakr@mandiant.com
• nursery/terminate-process-by-name-in-dotnet anushka.virgaonkar@mandiant.com
• nursery/hash-data-using-rshash @_re_fox
• persistence/authentication-process/act-as-credential-manager-dll jakub.jozwiak@mandiant.com
• persistence/authentication-process/act-as-password-filter-dll jakub.jozwiak@mandiant.com

Bug Fixes

• improve handling _ prefix compile/link artifact #924 @mike-hunhoff
• better detect OS in ELF samples #988 @williballenthin
• display number feature zero in vverbose #1097 @mike-hunhoff

capa explorer IDA Pro plugin

• improve file format extraction #918 @mike-hunhoff
• remove decorators added by IDA to ELF imports #919 @mike-hunhoff
• bug fixes for Address abstraction #1091 @mike-hunhoff

Raw diffs

• capa v3.2.0...v4.0.0
• capa-rules v3.2.0...v4.0.0

Download

Bump version number.

Download

Bump version to 5.6.0.

Download

This is the second development build after the Windows Package Manager 1.3 build for Windows 10 (1809+) and Windows 11.

Experimental features are enabled in this release. The experimental support for installing from a zip file (except portable packages) is included in this release. This build will be released to Windows Insider Dev builds, and Windows Package Manager Insiders.

Run winget features to see which experimental features are enabled or disabled.
Add the following to your settings (winget settings) file to enable support for testing .zip manifests:

"experimentalFeatures": {"zipInstall": true}

Note: The Windows Package Manager Community Repository does not accept zip applications. They will not be accepted until after 1.4 is Generally Available and has been rolled out to the majority of Windows systems via the automatic upgrade from the Microsoft Store. Users may test with local manifests.

We've also made progress towards native PowerShell cmdlets. These will work with PowerShell 6 and PowerShell 7. We're still working on the hurdles associated with PowerShell 5.1. We're planning to have a downloadable module for import in a future release. Join the PowerShell discussions if you're interested.

Features

• Add Microsoft.WinGet.Client PowerShell Module files #2314
• winget find should be a synonym of winget search #1299
• Add aliases for installation and uninstallation #2303
• Add winget remove as an alias command for winget uninstall #1978
• Make "Update" an alias for "Upgrade" #1026
• Command aliases #380

Bugs

• winget 1.4.2011-preview can't install MSI-based applications #2365

What's Changed

• Add InstallationMetadata to manifests for future deep installation detection by @yao-msft in #2350
• Expand WinMD discovery by @jontab in #2348
• Move to using sqlite3_errmsg to extract a contextual error for SQLite failures by @JohnMcPMS in #2352
• Add in-process and out-of-process E2E tests by @AmelBawa-msft in #2315
• Implement FolderFileWatcher by @msftrubengu in #2336
• Update CsWinRTWindowsMetadata value by @AmelBawa-msft in #2357
• Remove correlation blocker for remote->local in some cases by @JohnMcPMS in #2362
• Update documentation with 1.3 settings by @ryfu-msft in #2363
• Add Microsoft.WinGet.Client PowerShell Module files by @jontab in #2314
• Fix file overwrite warning displayed on clean first install by @ryfu-msft in #2375
• Logging improvements by @JohnMcPMS in #2378
• Add SYSTEM to explicit ACLs by @JohnMcPMS in #2370
• Remove tests that no longer serve a purpose by @JohnMcPMS in #2379
• Check for symlink creation privilege for portable install by @ryfu-msft in #2369
• Server certificate pinning for Store source by @JohnMcPMS in #2347
• Remove scope filter from being applied to portables by @ryfu-msft in #2383
• Validate SignatureSha256 for MSIX packages during the manifest validation by @AmelBawa-msft in #2384
• Enable MSI testing in CI/CD pipeline by @JohnMcPMS in #2386
• Standardize 'Show' labels to manifest fields by @Trenly in #2311
• fix ms-windows-store link not rendered in md by @iamCristYe in #2403
• Add command aliases by @Trenly in #2390
• Add support for RequireExplicitUpgrade manifest element by @lechacon in #1795
• Add the ability to specify "scope or unknown" via COM by @JohnMcPMS in #2402

New Contributors

• @iamCristYe made their first contribution in #2403

Full Changelog: release-v1.3.1872...release-v1.4.2161-preview

Download

Official GNU Binutils 2.39 release

Download

ILSpy 8 is based on .NET 6.0 compared to .NET Framework 4.7.2 for the previous generations of ILSpy. All artifacts except the self-contained distribution are built framework-dependent, which means .NET 6.0 must be installed prior to starting ILSpy.

New Language Features

• C# 11: ref fields
• C# 10: record structs
• C# 10: Support DefaultInterpolatedStringHandler
• Updated pattern detection for Roslyn 4.3.0
• Output attributes on lambda expressions

Contributions

• Allow user to provide ID when generating a PDB (see #2678 by @andrewcrawley)
• Assume conventionally named unresolved method references are properties or events (see #2677 by @fowl2)
• Add EnableWindowsTargeting propery to csprojs targeting net6.0-windows (see #2752 by @clin1234)
• Reduce allocations in TransformArrayInitializers (see #2731 by @ElektroKill)
• Fix allowed language versions in ilspycmd (see #2703 by @superstrom)
• Fix crash target framework detection with C++/CLI (see #2698 by kant2002)

Enhancements

• #2684: Iteratively unhide compiler-generated code, if it is referenced by user-code
• Use Unsafe.SizeOf when taking the size of a managed type
• #2718: Move XAML files that have an x:Class declaration next to their C# counterparts when using WholeProjectDecompiler

Bug fixes

• #2691: Do not use AssemblyDefintion.GetAssemblyName(). This fails in culture-invariant mode (ilspycmd) when trying to work with satellite assemblies, because System.Reflection.AssemblyName tries to retrieve CultureInfo of the assembly culture
• #2733: Ignore bad metadata when trying to resolve ResolutionScope
• #2741: CallBuilder produces invalid invocation target when disambiguating calls to protected methods

And many other fixes, for a full list click here.

Download