Skip to content

[Security] 9.0.8 release notes #3282

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 8 commits into from
Oct 6, 2025
Merged

[Security] 9.0.8 release notes #3282

Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
0eb81ce
[Security] 9.0.8 release notes
natasha-moore-elastic Oct 2, 2025
9f442e9
Update release-notes/elastic-security/index.md
natasha-moore-elastic Oct 2, 2025
c637a77
Merge branch 'main' into sec-rn-9.0.8
natasha-moore-elastic Oct 2, 2025
21cf09b
Update release-notes/elastic-security/index.md
natasha-moore-elastic Oct 2, 2025
4119443
Apply suggestions from code review
natasha-moore-elastic Oct 3, 2025
5f1a2a5
Apply suggestions from code review
natasha-moore-elastic Oct 6, 2025
78dee3b
fix formatting
natasha-moore-elastic Oct 6, 2025
b0ea0e8
Merge branch 'main' into sec-rn-9.0.8
natasha-moore-elastic Oct 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 16 additions & 0 deletions release-notes/elastic-security/index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -168,6 +168,22 @@ To check for security updates, go to [Security announcements for the Elastic sta
* Fixes a bug in {{elastic-defend}} where Linux network events would have source and destination byte counts swapped.
* Fixes an issue where {{elastic-defend}} may incorrectly set the artifact channel in policy responses, and adds `manifest_type` to policy responses.

## 9.0.8 [elastic-security-9.0.8-release-notes]

### Features and enhancements [elastic-security-9.0.8-features-enhancements]
* Adds an {{elastic-defend}} option to remediate orphaned state by attempting to start Elastic Agent service.

### Fixes [elastic-security-9.0.8-fixes]
* Removes `null` in confirmation dialog when bulk editing index patterns for rules [#236572]({{kib-pull}}236572).
* Fixes the URL passed to detection rule actions via the `{{context.results_link}}` placeholder [#236067]({{kib-pull}}236067).
* Adds support in {{elastic-defend}} for installing eBPF probes on Linux endpoints when taskstats is compiled out of the kernel.
* Fixes an issue in {{elastic-defend}} where Linux network events could have source and destination bytes swapped.
* Removes `.process.thread.capabilities.permitted` and `.process.thread.capabilities.effective` from Linux network events in {{elastic-defend}}.
* Fixes an issue in {{elastic-defend}} where host isolation could auto-release incorrectly. Host isolation now only releases when {{elastic-endpoint}} becomes orphaned. Intermittent {{elastic-agent}} connectivity changes no longer alter the host isolation state.
* Improves the reliability of local {{elastic-defend}} administrative shell commands. In rare cases, a command could fail to execute due to issue with interprocess communication.
* Fixes an issue where {{elastic-defend}} would incorrectly calculate throughput capacity when sending documents to output. This may have limited event throughput on extremely busy endpoints.
* Fixes an issue in {{elastic-defend}} installation logging where only the first character of install paths (usually 'C') would be logged.

## 9.0.7 [elastic-security-9.0.7-release-notes]

### Fixes [elastic-security-9.0.7-fixes]
Expand Down
Loading