Navigation section

detection change

About this tag
The detection change tag on WindowsForum.com covers instances where Microsoft security bulletins or updates are revised to include a detection change only, meaning the update files themselves are not modified but the detection logic for offering or applying the update is adjusted. These changes often correct reoffering issues, exclude certain language packs, or remove replaced bulletins. The tag also appears in discussions about Windows Event Log auditing, where users seek to identify what triggers specific audit events, such as those related to security policy changes or SIEM alerts. Topics span Windows Server 2019, Windows 8.1, Windows RT, Windows Vista, and older versions like Windows XP Professional x64 Edition, with references to SentinelOne and Alienvault in the context of event monitoring.
  1. T

    I need some assistance finding out what is causing this Event Log Auditing event

    I am using Alienvault to log our SIEM Events from our Windows 2019 servers, and I am trying to find out how to debug what is causing this recurring Auditing Event in our Windows Event Logs. I have found out that SentinelOne is scanning this file at the time, but is there a way to see what...
    • tpancrazio
    • Thread
    • alienvault audit policy change auditing events computer name debugging detection change event log event tracking log management recurring events security security audits sentinelone siem windows security windows server 2019
    • Replies: 1
    • Forum: Windows Server Forums
  2. News

    Vulnerability in Windows Could Allow Remote Code Execution - Version: 1.3

    Severity Rating: Critical Revision Note: V1.3 (February 28, 2014): Bulletin revised to announce a detection change in the 2893294 update for Windows 8.1 for 32-bit Systems, Windows 8.1 for x64-based Systems, Windows RT 8.1, and Windows Server 2012 R2. This is a detection change only. There were...
    • News
    • Thread
    • critical rating detection change extended security updates microsoft portable executable remote code execution update bulletin vulnerability windows 8.1 windows server 2012 r2
    • Replies: 0
    • Forum: Security Alerts
  3. News

    Vulnerability in Windows Could Allow Remote Code Execution - Version: 1.3

    Severity Rating: Critical Revision Note: V1.3 (February 28, 2014): Bulletin revised to announce a detection change in the 2893294 update for Windows 8.1 for 32-bit Systems, Windows 8.1 for x64-based Systems, Windows RT 8.1, and Windows Server 2012 R2. This is a detection change only. There were...
    • News
    • Thread
    • critical detection change extended security updates pe file remote code execution vulnerability windows windows 8.1 windows rt windows server
    • Replies: 0
    • Forum: Security Alerts
  4. News

    MS13-046 - Important : Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of...

    Severity Rating: Important Revision Note: V1.1 (December 16, 2013): Revised bulletin to announce a detection change to correct an offering issue for Windows RT (2829361) and Windows RT (2830290). This is a detection change only. There were no changes to the update files. Customers who have...
    • News
    • Thread
    • attack detection change drivers elevation important kernel-mode local access microsoft ms13-046 patch privilege revision security update vulnerability windows windows rt
    • Replies: 0
    • Forum: Security Alerts
  5. News

    MS11-076 - Important : Vulnerability in Windows Media Center Could Allow Remote Code Execution...

    Severity Rating: Important Revision Note: V1.1 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2579686 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their...
    • News
    • Thread
    • detection change dll dynamic link library execution extended security updates media center ms11-076 remote code execution vulnerability windows vista
    • Replies: 0
    • Forum: Security Alerts
  6. News

    MS11-007 - Critical : Vulnerability in the OpenType Compact Font Format (CFF) Driver Could...

    Severity Rating: Critical Revision Note: V2.1 (July 9, 2013): Bulletin revised to announce a detection change that excludes Windows 7 language packs from the 2485376 update for Windows XP Professional x64 Edition Service Pack 2. This is a detection change only. Customers who have already...
    • News
    • Thread
    • announcement bug fixes cff driver critical detection change email security font format internet safety online threats patch privately reported remote code execution security update user awareness vulnerability windows windows 7 windows xp
    • Replies: 0
    • Forum: Security Alerts
  7. News

    MS13-006 - Important : Vulnerability in Microsoft Windows Could Allow Security Feature Bypass...

    Severity Rating: Important Revision Note: V1.2 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2785220 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their...
    • News
    • Thread
    • attacker bulletin cybersecurity detection change encryption handshake important microsoft patch privately reported reoffering security ssl tls update vulnerability web traffic windows windows vista
    • Replies: 0
    • Forum: Security Alerts
  8. News

    MS10-058 - Important : Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886) - Versi

    Severity Rating: Important Revision Note: V2.0 (March 13, 2012): Revised bulletin to announce a detection change that removes MS10-029 as the replaced bulletin for all supported editions of Windows Vista and Windows Server 2008. For more information, see the related entry in the...
    • News
    • Thread
    • arbitrary code attack bug fixes cybersecurity detection change elevation of privilege extended security updates microsoft ms10-058 privileged access software security system privileges tcp/ip update faq vulnerability windows server windows vista
    • Replies: 0
    • Forum: Security Alerts
  9. News

    MS11-018 - Critical : Cumulative Security Update for Internet Explorer (2497640) - Version: 2.0

    Severity Rating: Critical Revision Note: V2.0 (May 16, 2011): Bulletin rereleased to reoffer the update for Internet Explorer 7 on supported editions of Windows XP and Windows Server 2003. This is a detection change only. There were no changes to the binaries. Only affected customers...
    • News
    • Thread
    • binaries critical cumulative customer action detection change exploitation ie7 ie8 internet explorer moderate remote code execution revision security technical note update user rights vulnerability webpage windows server windows xp
    • Replies: 0
    • Forum: Security Alerts
  10. News

    MS11-049 - Important : Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure

    Severity Rating: Important Revision Note: V2.0 (August 9, 2011): Bulletin rereleased to announce a detection change to the update for Microsoft Visual Studio 2005 Service Pack 1 (KB2251481) to add detection for related software listed in the update FAQ. There were no changes to the...
    • News
    • Thread
    • 2011 affected software compromise detection change disco file extended security updates information disclosure kb2251481 microsoft privately reported security security bulletin service pack update faq user rights visual studio vulnerability web services xml
    • Replies: 0
    • Forum: Security Alerts
  11. News

    Change Management Software supports Windows 7 and Windows 2008 Server..

    Supporting 32-bit Windows® 7 and 64-bit Windows 2008 server, AutoSave v5.06 interfaces with third party PLC editor packages to provide archival backups, change detection/documentation, historical tracking, secured user/workstation, disaster recovery, controlled editor operations, and automatic...
    • News
    • Thread
    • autosave backup change management change notification detection change disaster recovery editor operations historical tracking reports module security third party windows 7 windows server
    • Replies: 0
    • Forum: Live RSS Feeds
  12. V

    Windows 7 Windows 7 additional log off / on issue

    We have a requirement to change key board properties (Repeat delay, Repeat rate and Cursor blink rate) and Default Input language programmatically. Our application is run under user context which is different from the user who is currently logged-on to the machine. For ex: If User1 is...
    • vijaykumar
    • Thread
    • administrative tasks application behavior detection change gpo group policy input language keyboard properties keyboard settings log off operating system restart user context user experience user management windows 7 windows issues
    • Replies: 1
    • Forum: Windows Help and Support
Back
Top