8.17.10 release notes (#7021) (#7027)

* 8.17.10 release notes

* Update docs/release-notes/8.17.asciidoc



* adds more Defend RNs

* removes RN from 8.17.9

* apply suggestions

* updates old known issue

---------


(cherry picked from commit 58a4177)

Co-authored-by: natasha-moore-elastic <[email protected]>
Co-authored-by: Gabriel Landau <[email protected]>

Author: 3 people

docs/release-notes.asciidoc

@@ -9,6 +9,7 @@ This section summarizes the changes in each release.
 * <<release-notes-8.18.2, {elastic-sec} version 8.18.2>>
 * <<release-notes-8.18.1, {elastic-sec} version 8.18.1>>
 * <<release-notes-8.18.0, {elastic-sec} version 8.18.0>>
+* <<release-notes-8.17.10, {elastic-sec} version 8.17.10>>
 * <<release-notes-8.17.9, {elastic-sec} version 8.17.9>>
 * <<release-notes-8.17.8, {elastic-sec} version 8.17.8>>
 * <<release-notes-8.17.7, {elastic-sec} version 8.17.7>>

docs/release-notes/8.17.asciidoc

@@ -2,13 +2,28 @@
 == 8.17
 
 [discrete]
-[[release-notes-8.17.9]]
-=== 8.17.9
+[[release-notes-8.17.10]]
+=== 8.17.10
 
 [discrete]
-[[enhancements-8.17.9]]
+[[enhancements-8.17.10]]
 ==== Enhancements
-* Shortens the time it takes to recover from a `DEGRADED` status caused by {elastic-agent} communication issues.
+* Due to an issue in macOS, {elastic-defend} would sometimes send network events without `user.name` populated. {elastic-defend} now identifies these events and populates `user.name` if necessary.
+* Reduces {elastic-defend} CPU usage when processing events from the System process.
+* Reduces {elastic-defend} CPU usage for ETW events, API events, and Behavioral Protections. In some cases, this may be a significant reduction.
+
+[discrete]
+[[bug-fixes-8.17.10]]
+==== Fixes
+* Fixes a race condition in {elastic-defend} on Windows that occasionally resulted in corrupted process command lines. This could cause incorrect values for `process.command_line`, `process.args_count`, and `process.args`, leading to false positives.
+* Improves the efficiency of the {elastic-defend} malware scan queue by not blocking scan requests when an oplock for the file being scanned cannot be acquired.
+* Fixes an issue in {elastic-defend} performance metrics that resulted in `endpoint_uptime_percent` always being 0 for behavioral rules.
+* Fixes an issue in {elastic-defend} that could result in a crash if a {ls} output configuration contains a certificate that cannot be parsed.
+* Shortens the time it takes for {elastic-defend} to recover from a `DEGRADED` status caused by {agent} communication issues.
+
+[discrete]
+[[release-notes-8.17.9]]
+=== 8.17.9
 
 [discrete]
 [[bug-fixes-8.17.9]]
@@ -40,6 +55,9 @@ For more information, check https://github.com/elastic/endpoint/issues/90[#90]
 Downgrade to 8.17.7 or install 8.17.9 once it becomes available.
 
 If you're unable to upgrade or downgrade, set the `advanced.kernel.network` advanced setting to `false` in your {elastic-defend} integration policy.
+
+*Resolved* +
+This issue is fixed in {stack} version 8.17.9.
 ====
 // end::known-issue[]