From 5515d13b9083c0540b805c52bb60ba0e4865c427 Mon Sep 17 00:00:00 2001 From: natasha-moore-elastic Date: Thu, 6 Nov 2025 13:30:23 +0000 Subject: [PATCH 1/3] Security 8.19.7 release notes --- docs/release-notes.asciidoc | 1 + docs/release-notes/8.19.asciidoc | 24 ++++++++++++++++++++++++ 2 files changed, 25 insertions(+) diff --git a/docs/release-notes.asciidoc b/docs/release-notes.asciidoc index 9f0c9794d7..55fd616fb5 100644 --- a/docs/release-notes.asciidoc +++ b/docs/release-notes.asciidoc @@ -3,6 +3,7 @@ This section summarizes the changes in each release. +* <> * <> * <> * <> diff --git a/docs/release-notes/8.19.asciidoc b/docs/release-notes/8.19.asciidoc index a21d6aabe3..03dfe457de 100644 --- a/docs/release-notes/8.19.asciidoc +++ b/docs/release-notes/8.19.asciidoc 
@@ -1,6 +1,30 @@ [[release-notes-header-8.19.0]] == 8.19 +[discrete] +[[release-notes-8.19.7]] +=== 8.19.7 + +[discrete] +[[enhancements-8.19.7]] +==== Enhancements +* Improves the reliability of Cloud Security Posture (CSP) data by automatically upgrading outdated Misconfiguration and Vulnerabilities data views to the correct versions ({kibana-pull}238547[#238547]). +* Improves the reliability of {elastic-defend} Kafka connections. +* Improves the accuracy of thread CPU usage reported in {elastic-defend} metrics documents. + +[discrete] +[[bug-fixes-8.19.7]] +==== Fixes +* Fixes entity flyout **Risk contributions** tab link ({kibana-pull}241153[#241153]). +* Fixes a pagination issue with the data table on the **Indicators** page ({kibana-pull}241108[#241108]). +* Allows partial matches on rule name when searching installed rules ({kibana-pull}237496[#237496]). +* Fixes an issue where rule exception operators could not be cleared when editing a rule exception ({kibana-pull}236051[#236051]). +* Fixes an {elastic-defend} issue on Linux by preventing unnecessary locking within malware protection to avoid invalid watchdog firings. +* Fixes issues that could sometimes cause crashes of the {elastic-defend} user-mode process on very busy Windows systems. +* Fixes multiple {elastic-defend} issues in malware protection for Linux where a deadlock could sometimes occur when containers and autofs were both active. +* Fixes an {elastic-defend} bug in Linux event collection where some long-running processes were not enriched. +* Fixes an issue in {elastic-defend} that could cause the `get-file` and `execute` response actions to start failing after many are issued with a single running instance of {elastic-defend}. + [discrete] [[release-notes-8.19.6]] === 8.19.6 From e667bfc9cbb02691d1d81503b28b070842162f69 Mon Sep 17 00:00:00 2001 
From: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com> Date: Fri, 7 Nov 2025 12:09:04 +0000 Subject: [PATCH 2/3] Apply suggestions from code review Co-authored-by: Steven de Salas Co-authored-by: Gabriel Landau <42078554+gabriellandau@users.noreply.github.com> --- docs/release-notes/8.19.asciidoc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/release-notes/8.19.asciidoc b/docs/release-notes/8.19.asciidoc index 03dfe457de..d1e790c78b 100644 --- a/docs/release-notes/8.19.asciidoc +++ b/docs/release-notes/8.19.asciidoc 
@@ -17,13 +17,14 @@ ==== Fixes * Fixes entity flyout **Risk contributions** tab link ({kibana-pull}241153[#241153]). * Fixes a pagination issue with the data table on the **Indicators** page ({kibana-pull}241108[#241108]). -* Allows partial matches on rule name when searching installed rules ({kibana-pull}237496[#237496]). +* Fixes multiple issues searching installed rules by allowing partial matches on rule name and improving special character support ({kibana-pull}237496[#237496]). * Fixes an issue where rule exception operators could not be cleared when editing a rule exception ({kibana-pull}236051[#236051]). * Fixes an {elastic-defend} issue on Linux by preventing unnecessary locking within malware protection to avoid invalid watchdog firings. * Fixes issues that could sometimes cause crashes of the {elastic-defend} user-mode process on very busy Windows systems. * Fixes multiple {elastic-defend} issues in malware protection for Linux where a deadlock could sometimes occur when containers and autofs were both active. * Fixes an {elastic-defend} bug in Linux event collection where some long-running processes were not enriched. * Fixes an issue in {elastic-defend} that could cause the `get-file` and `execute` response actions to start failing after many are issued with a single running instance of {elastic-defend}. +* Fixes CVE-2025-37735 ([ESA-2025-23](https://discuss.elastic.co/t/elastic-defend-8-19-6-9-1-6-and-9-2-0-security-update-esa-2025-23/383272)) in {{elastic-defend}} on Windows which could allow a low-privilege attacker to delete arbitrary files on the system and potentially escalate privileges to SYSTEM. Windows 11 24H2 includes changes which make this issue harder to exploit. [discrete] [[release-notes-8.19.6]] From 4a427dc144216652ff380bdc87b6641b0d9b2572 Mon Sep 17 00:00:00 2001 
From: natasha-moore-elastic Date: Fri, 7 Nov 2025 12:20:29 +0000 Subject: [PATCH 3/3] fix formatting --- docs/release-notes/8.19.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/release-notes/8.19.asciidoc b/docs/release-notes/8.19.asciidoc index d1e790c78b..c52943cf7f 100644 --- a/docs/release-notes/8.19.asciidoc +++ b/docs/release-notes/8.19.asciidoc @@ -24,7 +24,7 @@ * Fixes multiple {elastic-defend} issues in malware protection for Linux where a deadlock could sometimes occur when containers and autofs were both active. * Fixes an {elastic-defend} bug in Linux event collection where some long-running processes were not enriched. * Fixes an issue in {elastic-defend} that could cause the `get-file` and `execute` response actions to start failing after many are issued with a single running instance of {elastic-defend}. -* Fixes CVE-2025-37735 ([ESA-2025-23](https://discuss.elastic.co/t/elastic-defend-8-19-6-9-1-6-and-9-2-0-security-update-esa-2025-23/383272)) in {{elastic-defend}} on Windows which could allow a low-privilege attacker to delete arbitrary files on the system and potentially escalate privileges to SYSTEM. Windows 11 24H2 includes changes which make this issue harder to exploit. +* Fixes CVE-2025-37735 (https://discuss.elastic.co/t/elastic-defend-8-19-6-9-1-6-and-9-2-0-security-update-esa-2025-23/383272[ESA-2025-23]) in {elastic-defend} on Windows which could allow a low-privilege attacker to delete arbitrary files on the system and potentially escalate privileges to SYSTEM. Windows 11 24H2 includes changes which make this issue harder to exploit. [discrete] [[release-notes-8.19.6]]
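Review bot: The index entry added in docs/release-notes.asciidoc by PATCH 1/3 appears here as `* <>`, with nothing inside the cross-reference. Check that the new line targets `release-notes-8.19.7`, the anchor this patch defines in docs/release-notes/8.19.asciidoc, so that the link from the release list resolves.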
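Review bot: Several {elastic-defend} entries in the 8.19.7 Fixes list added by PATCH 1/3 describe the code change rather than the symptom an operator would recognise, most clearly "preventing unnecessary locking within malware protection to avoid invalid watchdog firings". Lead with the observable effect of the bug and keep the mechanism as the trailing clause. The `get-file` and `execute` entry has the same gap: "after many are issued" gives a reader no way to judge whether their deployment was affected, so say what condition triggers the failure if it is known.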
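Review bot: The CVE-2025-37735 entry added at the end of the Fixes list in PATCH 2/3 uses Markdown link syntax, `[ESA-2025-23](https://...)`, and a double-braced `{{elastic-defend}}` in an AsciiDoc file, so neither the link nor the attribute will render as intended. Use the `url[text]` link form and the single-brace `{elastic-defend}` that the other entries in this list use. PATCH 3/3 makes exactly that correction, so the two commits could be squashed before merge.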
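Review bot: The CVE-2025-37735 entry in PATCH 3/3 sits in the 8.19.7 Fixes list, above the `[[release-notes-8.19.6]]` anchor, while the advisory URL it links is titled for the 8.19.6, 9.1.6 and 9.2.0 security update. Confirm which release first carried the fix and place the entry under that version, or name the fixed version in the sentence, since readers use this line to decide whether they need to upgrade. As the only security fix in the list it would also be easier to find as the first item rather than the last.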