Host Shield for Windows Release Notes

0.9.0 June 24, 2025

• Supported shield chart version: 1.10.0

Enhancements

• Improved Posture Connectivity Resiliency

Changed the default transport protocol for the Posture feature from nats to https to improve resilience against transient network failures and round-trip communication issues.

Vulnerability Fixes

This release addresses the following security vulnerabilities:

• CVE-2025-22874
• CVE-2025-4673
• CVE-2025-0913

0.8.0 May 29, 2025

• Supported shield chart version: 1.7.0

Enhancements

• You can now configure proxy settings from the host-shield.yaml file when deployed on hosts.
• Streamlined log output by preventing unexpected certificate loading warnings.

Defect Fixes

• Fixed an issue where the Host Scanner could send invalid scan status data to the backend when scanning containers.
• Fixed an issue where the Host Scanner could display an error when interacting with older versions of the Sysdig on-premises backend.
• Fixed an issue where the Host Scanner did not detect Flatcar OS installations correctly.

Vulnerability Fixes

This release addresses the following security vulnerabilities:

• CVE-2025-29824
• CVE-2025-29810
• CVE-2025-29809
• CVE-2025-27742
• CVE-2025-27741
• CVE-2025-27740
• CVE-2025-27739
• CVE-2025-27738
• CVE-2025-27737
• CVE-2025-27736
• CVE-2025-27735
• CVE-2025-27733
• CVE-2025-27732
• CVE-2025-27731
• CVE-2025-27730
• CVE-2025-27727
• CVE-2025-27487
• CVE-2025-27486
• CVE-2025-27485
• CVE-2025-27484
• CVE-2025-27483
• CVE-2025-27481
• CVE-2025-27479
• CVE-2025-27478
• CVE-2025-27477
• CVE-2025-27476
• CVE-2025-27474
• CVE-2025-27473
• CVE-2025-27471
• CVE-2025-27470
• CVE-2025-27469
• CVE-2025-27467
• CVE-2025-26688
• CVE-2025-26687
• CVE-2025-26680
• CVE-2025-26679
• CVE-2025-26678
• CVE-2025-26676
• CVE-2025-26674
• CVE-2025-26673
• CVE-2025-26672
• CVE-2025-26671
• CVE-2025-26669
• CVE-2025-26668
• CVE-2025-26667
• CVE-2025-26666
• CVE-2025-26665
• CVE-2025-26664
• CVE-2025-26652
• CVE-2025-26648
• CVE-2025-26647
• CVE-2025-26644
• CVE-2025-26641
• CVE-2025-26640
• CVE-2025-26637
• CVE-2025-26635
• CVE-2025-24074
• CVE-2025-24073
• CVE-2025-24060
• CVE-2025-24058
• CVE-2025-21222
• CVE-2025-21221
• CVE-2025-21205
• CVE-2025-21204
• CVE-2025-21203
• CVE-2025-21197
• CVE-2025-21191
• CVE-2025-21174
• CVE-2024-21302

0.7.1 April 15, 2025

Enhancements

Kubernetes Cluster Name in Metrics

Metrics message tags now include the Kubernetes cluster name for better traceability.

Improved Metrics Resiliency

Enhanced the internal Agent metrics sender infrastructure to increase reliability and fault tolerance.

0.7.0 March 31, 2025

Introducing Host Shield on Windows! Host Shield simplifies the deployment, management, and configuration of Sysdig security tools by consolidating components such as Runtime Threat Detection, Host Scanner and Posture into Host Shield.

Enhancements

Posture for Windows Server in Standalone Hosts

Sysdig now provides compliance scanning for Windows Server standalone hosts, enabling security and regulatory compliance checks for Windows environments. This feature helps organizations enforce compliance policies and detect security misconfiguration.

This feature only supports standalone Windows Server hosts. It does not apply to Windows Server nodes running inside Kubernetes clusters or Containers based on Windows images.

Vulnerability Detection for Windows Server

• Adding detection for Windows Operating System Vulnerabilities sourced from Microsoft Security Response Center
• Adding detection for Non-OS Packages

Support for Custom CA Certificates from Windows Certificate Stores

You can use a custom CA certificate residing in Windows certificate stores

For installation steps, see Windows Hosts and Windows Kubernetes.

For more information, see Posture Policies Included.