Security 8.19.6 release notes

Author: natasha-moore-elastic

docs/release-notes.asciidoc

@@ -3,6 +3,7 @@
 
 This section summarizes the changes in each release.
 
+* <<release-notes-8.19.6, {elastic-sec} version 8.19.6>>
 * <<release-notes-8.19.5, {elastic-sec} version 8.19.5>>
 * <<release-notes-8.19.4, {elastic-sec} version 8.19.4>>
 * <<release-notes-8.19.3, {elastic-sec} version 8.19.3>>

docs/release-notes/8.19.asciidoc

@@ -1,6 +1,26 @@
 [[release-notes-header-8.19.0]]
 == 8.19
 
+[discrete]
+[[release-notes-8.19.6]]
+=== 8.19.6
+
+[discrete]
+[[enhancements-8.19.6]]
+==== Enhancements
+* Adds an {elastic-defend} advanced policy Windows setting that allows you to opt out of collecting specific security events ({kibana-pull}232360[#232360]).
+
+[discrete]
+[[bug-fixes-8.19.6]]
+==== Fixes
+* Fixes an issue with editing filters on the **Alerts** page ({kibana-pull}236756[#236756]).
+* Prioritizes connector `defaultModel` over stored conversation model ({kibana-pull}237947[#237947]).
+* Fixes an {elastic-defend} issue in malware protection for Linux where a deadlock could sometimes occur when containers and autofs were both active.
+* Fixes an {elastic-defend} issue on Linux by preventing unnecessary locking within malware protection to avoid invalid watchdog firings.
+* Fixes issues that could sometimes cause crashes of the {elastic-defend} user-mode process on very busy Windows systems.
+* Fixes an {elastic-defend} issue on Windows which could allow a low-privilege attacker to delete arbitrary files on the system. On versions of Windows before Windows 11 24H2, this could result in local privilege escalation.
+* Fixes an {elastic-defend} bug in Linux event collection where some long-running processes were not enriched.
+
 [discrete]
 [[release-notes-8.19.5]]
 === 8.19.5