Process Monitor v2.0: This major update to Process Monitor adds real-time TCP and UDP monitoring to its existing process, thread, DLL, file system and registry monitoring. You can now see the TCP and UDP activity processes performed, including the operation (e.g. connect, send, receive), local and remote IP addresses and DNS names, and operation transfer lengths. On Windows Vista, Process Monitor also collects thread stacks for network operations.

Mark's Blog: The Case of the Sloooow System - Check out Mark's latest blog post to see how he resolved a critical support incident on one of his home computers.

ZoomIt v2.11: ZoomIt now includes the ability to change the color of the break timer and modifies the way it captures the screen so that it includes tooltip windows.

Vista Springboard Virtual Roundtable on Performance: Watch Mark and a panel of industry experts discuss Windows performance in this hour-long webcast where they cover topics from avoiding common pitfalls, defining performance baselines, performance monitoring tools, ways to improve overall system performance and common performance misconceptions.

Sigcheck v1.54: This Sigcheck release fixes a bug in CSV output formatting.

Contig v1.55: Contig now supports the -accepteula command-line switch.

Coreinfo v1.0: This is a new command-line utility that shows you the mapping between logical processors and the physical processor, NUMA node, and socket on which they reside, as well as the cache's assigned to each logical processor.

Mark's Blog: Where in the world is Mark Russinovich? - Check out Mark's latest blog post to find out where he's going to be speaking this Fall and how Windows Internals 5th Edition is progressing.

The future of Sysinternals, Security, Windows: Check out Mark's interview on TechNet Edge where he covers a range of topics, including what's going on at Sysinternals.

Desktops v1.0: This new utility enables you to create up to four virtual desktops and to use a tray interface or hotkeys to preview what's on each desktop and easily switch between them.

Autoruns v9.33: This Autoruns update adds command-line options for automatically scanning and exporting scan results, as well as a number of bug fixes.

Process Monitor v1.37: Process Monitor, a system monitoring utility, now prevents you from inadvertently closing the filter dialog without saving edits and fixes a subtle race condition bug in the driver.

Handle v3.41: Handle, a command-line tool for dumping information on open operating system handles, adds a new switch, -l, that dumps the sizes of pagefile-backed sections.

Process Explorer v11.21: This update fixes a race condition bug in the Process Explorer device driver.

DebugView v4.75: DebugView v4.75, a debug output monitoring utility for developers, fixes a bug that caused it to crash when capturing very long debug strings when not forcing carriage returns and the driver is now compatible with the Driver Verifier.

BgInfo v4.14: This update makes the /silent switch more aggressive about supprossing dialog boxes.

Mark's Events: Mark to Keynote Virtualization Congress - Mark is going to deliver a keynote on Microsoft's virtualization strategy at the independent Virtualization Congress in London in October.

Windows Security Boundries: Mark’s session from TechEd US on what constitutes a security boundary is now available for on-demand viewing. Get the real story on Windows security-related features like Kernel Patch Protection (KPP), Kernel Mode Code Integrity, User sessions, UAC, Protected Mode IE, and more, to find out how they work, what they were designed for, and whether they are security boundaries.

Autoruns v9.31: This release fixes a bug displaying missing images that reference paths with spaces, adds support for Sidebar Gadgets on 64-bit Windows, and correctly handles 64-bit paths that reference the program files directory.

Mark's Blog: Pushing the Limits of Windows: Physical Memory - Mark starts a new blog article series with a look at how much memory Windows supports and why, including why you might not be getting the benefit of all your RAM if you're running 32-bit Windows.

Solution Accelerators Security Blog: How to Use AccessChk.exe for Security Compliance Management - You can use AccessChk with System Center's Desired Configuration Mager to obtain effective user rights directly from managed systems.

Autoruns v9.3: This Autoruns update adds support for several additional shell extension points, including copy hook, property sheet, and drag and drop handlers, fixes a bug in the Vista gadget parsing code and better handles malformed paths.

AccessChk v4.2: This update reports non-canonical security descriptors (ones that have access control entries in an unsupported order) and adds a new switch, -a, that dumps account rights and prvileges.

ZoomIt v2.10: Includes a zoom-out effect when you exit zoom mode and enables you to specify a background bitmap for the break timer.

Process Monitor v1.34: This update adds the ability to filter on result values.

BgInfo v4.13: Now displays correct version information for Windows Server 2008.

Sysinternals Live: We're excited to announce the beta of Sysinternals Live, a service that enables you to execute Sysinternals tools directly from the Web without hunting for and manually downloading them. Simply enter a tool's Sysinternals Live path into Windows Explorer or a command prompt as \live.sysinternals.com\tools\<toolname> or view the entire Sysinternals Live tools directory in a browser at http://live.sysinternals.com.

Process Explorer v11.20: Process Explorer now shows thread permissions, adds process working set minimum and maximum columns, and fixes a bug that allows it to run from read-only locations on 64-bit Windows.

ZoomIt v2.0: This major ZoomIt update adds the drawing color pink, adds screen blanking to the undo history, extends the maximum pen size from 9 to 19 pixels, has an option to hide the tray icon and makes it easy to save zoomed and annotated screens as bitmap files.

Sigcheck v1.53: The CSV column headers have been fixed to correctly reflect the extended version and hash options.

Handle v3.4: This release fixes a bug that allows it to run from read-only locations on 64-bit Windows and adds an option to show the sizes of pagefile-backed sections.

Autoruns v9.2: In order to better support assisted troubleshooting, Autoruns - an autostart analyzer - now exports and imports scan results to enable viewing results on other systems, adds support for enabling and deleting Winsock notification DLLs, and fixes a number of 64-bit Windows issues.

Process Monitor v1.33: This update to Process Monitor, a real-time file, thread, DLL and performance monitoring utility, improves 32-bit stack walking on 64-bit Windows, fixes a driver bug that could cause crashes on 64-bit Windows, and preserves profiling information by default when saving log files.

AccessChk v4.1: AccessChk, a command-line utility for analyzing effective permissions on files, registry keys, process and more, now interprets Windows Vista process owner rights and can show permissions on active threads.

Process Explorer v11.13: This includes bug fixes for viewing thread stacks of system threads and 64-bit thread stacks. It also fixes compatibility with Windows 9x and NT 4.

Process Monitor v1.31: This update fixes a bug that could result in a deadlock when exiting or disabling capture with thread profiling enabled.

Handle v3.31: No functional change and hence no version number update, but has version field that enables it to work again on Windows 9x and NT 4.

Process Explorer v11.12: This update includes a number of minor enhancements and bug fixes, including support for tracking commit and non-paged pool limits.

Process Monitor v1.30: This major update adds support for importing and exporting filters, records system information in log files, presents more information about specific operations, includes translation of additional operation error codes, and tracks CPU and memory activity that it displays in a revamped process summary dialog.

Handle v3.31: This update unifies the drivers used by Handle and Process Explorer.

Marks Blog: 'The Case of the System Process CPU Spikes' - See Mark's latest blog entry where he demonstrates how he used Process Explorer to track down a device driver causing CPU usage spikes.

ZoomIt v1.8: This update to the popular screen magnifier and annotation presentation tool adds support for undo while drawing and resizable text fonts.

Inside Windows Server 2008 Kernel Changes: Mark goes deep inside the Server 2008 kernel to describe enhancements to memory management and I/O processing, as well as how Server 2008 implements new features like Hyper-V, self-healing NTFS, SMB2, and more. This article complements the three-part series Windows Vista kernel changes series and UAC internals articles Mark also published in TechNet Magazine.

Mark Hosts Virtual Roundtable on Deploying Vista: Watch Mark Russinovich and a panel of industry experts and IT pros have an interactive roundtable discussion on Windows Vista adoption and deployment, including challenges, workarounds, and solutions.

ShellRunas v1.01: Fixes bug where /quiet wasn’t honored for /unreg.