From da19deee21ab68404a05334c797aa9011a8902e5 Mon Sep 17 00:00:00 2001 From: natasha-moore-elastic Date: Wed, 22 Oct 2025 12:13:52 +0100 Subject: [PATCH 1/4] [Security] 9.1.6 release notes --- release-notes/elastic-security/index.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/release-notes/elastic-security/index.md b/release-notes/elastic-security/index.md index c07fc1efdc..8537d7e1b5 100644 --- a/release-notes/elastic-security/index.md +++ b/release-notes/elastic-security/index.md 
@@ -27,6 +27,20 @@ To check for security updates, go to [Security announcements for the Elastic sta % * +## 9.1.6 [elastic-security-9.1.6-release-notes] + +### Features and enhancements [elastic-security-9.1.6-features-enhancements] +* Adds the `customized_fields` and `has_base_version` fields to the `rule_source` object schema [#234793]({{kib-pull}}234793). + +### Fixes [elastic-security-9.1.6-fixes] +* Fixes {{elastic-endpoint}} artifacts spaces migration to ensure all artifacts are processed [#238740]({{kib-pull}}238740). +* Fixes an issue causing "missing authentication credentials" warnings in `TelemetryConfigWatcher` and `PolicyWatcher`, reducing unnecessary warning log entries in the `securitySolution` plugin. [#237796]({{kib-pull}}237796). +* Fixes an {{elastic-defend}} issue in malware protection for Linux where a deadlock could sometimes occur when containers and autofs were both active. +* Fixes an {{elastic-defend}} issue on Linux by preventing unnecessary locking within malware protection to avoid invalid watchdog firings. +* Fixes issues that could sometimes cause crashes of the {{elastic-defend}} user-mode process on very busy Windows systems. +* Fixes an {{elastic-defend}} issue on Windows which could allow a low-privilege attacker to delete arbitrary files on the system. On versions of Windows before Windows 11 24H2, this could result in local privilege escalation. +* Fixes an {{elastic-defend}} bug in Linux event collection where some long-running processes were not enriched. + ## 9.1.5 [elastic-security-9.1.5-release-notes] ### Features and enhancements [elastic-security-9.1.5-features-enhancements] From 8a1a8a796f3357064559295247a65ec228d681c2 Mon Sep 17 00:00:00 2001 
From: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com> Date: Wed, 22 Oct 2025 13:35:44 +0100 Subject: [PATCH 2/4] Update release-notes/elastic-security/index.md Co-authored-by: Nicholas Berlin <56366649+nicholasberlin@users.noreply.github.com> --- release-notes/elastic-security/index.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/release-notes/elastic-security/index.md b/release-notes/elastic-security/index.md index 8537d7e1b5..6f0b651d03 100644 --- a/release-notes/elastic-security/index.md +++ b/release-notes/elastic-security/index.md @@ -35,12 +35,6 @@ To check for security updates, go to [Security announcements for the Elastic sta ### Fixes [elastic-security-9.1.6-fixes] * Fixes {{elastic-endpoint}} artifacts spaces migration to ensure all artifacts are processed [#238740]({{kib-pull}}238740). * Fixes an issue causing "missing authentication credentials" warnings in `TelemetryConfigWatcher` and `PolicyWatcher`, reducing unnecessary warning log entries in the `securitySolution` plugin. [#237796]({{kib-pull}}237796). -* Fixes an {{elastic-defend}} issue in malware protection for Linux where a deadlock could sometimes occur when containers and autofs were both active. -* Fixes an {{elastic-defend}} issue on Linux by preventing unnecessary locking within malware protection to avoid invalid watchdog firings. -* Fixes issues that could sometimes cause crashes of the {{elastic-defend}} user-mode process on very busy Windows systems. -* Fixes an {{elastic-defend}} issue on Windows which could allow a low-privilege attacker to delete arbitrary files on the system. On versions of Windows before Windows 11 24H2, this could result in local privilege escalation. -* Fixes an {{elastic-defend}} bug in Linux event collection where some long-running processes were not enriched. - ## 9.1.5 [elastic-security-9.1.5-release-notes] ### Features and enhancements [elastic-security-9.1.5-features-enhancements] 
From cf51c904c12bd27bea765f7b01e6d785ff1c1f41 Mon Sep 17 00:00:00 2001 From: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com> Date: Thu, 23 Oct 2025 09:15:19 +0100 Subject: [PATCH 3/4] Update release-notes/elastic-security/index.md Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> --- release-notes/elastic-security/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/release-notes/elastic-security/index.md b/release-notes/elastic-security/index.md index 6f0b651d03..04a8b376a6 100644 --- a/release-notes/elastic-security/index.md +++ b/release-notes/elastic-security/index.md @@ -31,6 +31,7 @@ To check for security updates, go to [Security announcements for the Elastic sta ### Features and enhancements [elastic-security-9.1.6-features-enhancements] * Adds the `customized_fields` and `has_base_version` fields to the `rule_source` object schema [#234793]({{kib-pull}}234793). +* Implements CDR Data View versioning and migration logic ({kibana-pull}238547[#238547]). ### Fixes [elastic-security-9.1.6-fixes] * Fixes {{elastic-endpoint}} artifacts spaces migration to ensure all artifacts are processed [#238740]({{kib-pull}}238740). From 5cabb8cde7a0b0e82a0bba113dd149d725095b30 Mon Sep 17 00:00:00 2001 From: natasha-moore-elastic Date: Thu, 23 Oct 2025 09:18:01 +0100 Subject: [PATCH 4/4] fix formatting --- release-notes/elastic-security/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release-notes/elastic-security/index.md b/release-notes/elastic-security/index.md index 04a8b376a6..0c03bfd6f2 100644 --- a/release-notes/elastic-security/index.md +++ b/release-notes/elastic-security/index.md 
@@ -31,7 +31,7 @@ To check for security updates, go to [Security announcements for the Elastic sta ### Features and enhancements [elastic-security-9.1.6-features-enhancements] * Adds the `customized_fields` and `has_base_version` fields to the `rule_source` object schema [#234793]({{kib-pull}}234793). -* Implements CDR Data View versioning and migration logic ({kibana-pull}238547[#238547]). +* Implements CDR Data View versioning and migration logic [#238547]({{kib-pull}}238547). ### Fixes [elastic-security-9.1.6-fixes] * Fixes {{elastic-endpoint}} artifacts spaces migration to ensure all artifacts are processed [#238740]({{kib-pull}}238740).
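Review bot: In [PATCH 1/4], the added Windows {{elastic-defend}} bullet under `### Fixes` (low-privilege arbitrary file deletion, local privilege escalation before Windows 11 24H2) carries no reference a reader can follow, unlike the Kibana entries with their `{{kib-pull}}` links. If a security announcement exists for this fix, link it from the bullet so readers can connect it to the "Security announcements" page that the section intro points to. Separately, the `TelemetryConfigWatcher` bullet ends with `plugin. [#237796]({{kib-pull}}237796).`, a period on both sides of the link; drop the one after `plugin` to match the other entries.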
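Review bot: In [PATCH 2/4], the five removed {{elastic-defend}} bullets include the Windows arbitrary file deletion / local privilege escalation fix, and the commit message ("Update release-notes/elastic-security/index.md") gives no reason for dropping them. Please say in the commit message whether these fixes are not part of 9.1.6 or are documented elsewhere, since a security fix disappearing from the notes changes what readers conclude about the release. The sixth deleted line is the blank line before `## 9.1.5`, which leaves that heading directly after the `#237796` bullet; keep the blank separator.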
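Review bot: In [PATCH 3/4], the added bullet writes its link as `({kibana-pull}238547[#238547])`, which does not match the Markdown form used by the line directly above it, `[#234793]({{kib-pull}}234793)`, and will not render as a link in this file. Use `[#238547]({{kib-pull}}238547)`. [PATCH 4/4] makes exactly that change, so the two commits could be squashed.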
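Review bot: In [PATCH 4/4], the corrected bullet still uses "CDR" without expansion, and the acronym is not defined anywhere in the visible 9.1.6 section. Spell it out on first use in this entry so the note is readable on its own.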