Skip to content

[Security] 9.0.5 release notes #2446

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Aug 12, 2025
Merged

[Security] 9.0.5 release notes #2446

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
ebe3e41
[Security] 9.0.5 release notes
natasha-moore-elastic Aug 7, 2025
d5df044
endpoint updates
natasha-moore-elastic Aug 11, 2025
d40635a
adds RM note to 9.0.4
natasha-moore-elastic Aug 11, 2025
a4ab5a9
Merge branch 'main' into sec-rn-9.0.5
natasha-moore-elastic Aug 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 17 additions & 0 deletions release-notes/elastic-security/index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -136,9 +136,26 @@ To check for security updates, go to [Security announcements for the Elastic sta
* Fixes a bug in {{elastic-defend}} where Linux network events would have source and destination byte counts swapped.
* Fixes an issue where {{elastic-defend}} may incorrectly set the artifact channel in policy responses, and adds `manifest_type` to policy responses.

## 9.0.5 [elastic-security-9.0.5-release-notes]

### Features and enhancements [elastic-security-9.0.5-features-enhancements]
* Adds the `detection_rule_upgrade_status` object to snapshot telemetry schema [#223086]({{kib-pull}}223086).
* Reduces {{elastic-defend}} CPU when processing events from the System process on Windows.
* Allows {{elastic-defend}} to automatically recover in some situations when it loses connectivity with {{agent}}.
* Shortens the time it takes {{elastic-defend}} to recover from a `DEGRADED` status caused by communication issues with {{agent}}.
* Due to an issue in macOS, {{elastic-defend}} would sometimes send network events without `user.name` populated. {{elastic-defend}} will now identify these events and populate `user.name` if necessary.
* Reduces {{elastic-defend}} CPU usage for ETW events, API events, and Behavioral Protections. In some cases, this may be a significant reduction.


### Fixes [elastic-security-9.0.5-fixes]
* Fixes a bug where Security AI Assistant settings landed on the wrong page for users on the Basic license [#229163]({{kib-pull}}229163).
* Fixes an issue in {{elastic-defend}} performance metrics that resulted in `endpoint_uptime_percent` always being 0 for behavioral rules.
* Fixes an issue in {{elastic-defend}} that could result in a crash if a {{ls}} output configuration is specified containing a certificate that cannot not be parsed.

## 9.0.4 [elastic-security-9.0.4-release-notes]

### Features and enhancements [elastic-security-9.0.4-features-enhancements]
* Adds the `elastic_customized_total`, `elastic_noncustomized_total`, and `is_customized` fields to snapshot telemetry schema [#222370]({{kib-pull}}222370).
* Improves logging of fatal exceptions in {{elastic-defend}}.

### Fixes [elastic-security-9.0.4-fixes]
Expand Down
Loading