product
- What you can do with CrowdStrike
- CrowdStrike Modules Falcon
- NGAV(Prevent/USB/FW)
- EDR(Falcon Insight)
- Threat Hunting (OverWatch)
- IT Asset Management (Discover)
- Vulnerability Management (Spotlight)
- Threat Intelligence (Intelligence/Sandbox)
- Identity Protection (ITD/ITP)
- Cloud Security (CNAPP)
- EASM(Surface)
service
Application for evaluation machine
- FAQ

CrowdStrike
CrowdStrike
CrowdStrike Update for May 2025

We are pleased to present the CrowdStrike update for May 2025.
All of these issues have been posted on our support site, so please check those articles as well.
Registration is required for our support site.
Please click on "CrowdStrike Falcon 'Support Site Viewing Request'" on the following page to request viewing.
https://www.macnica.co.jp/business/security/manufacturers/crowdstrike/support.html
*The maintenance contract number is required for application. The maintenance contract number is listed in the notification sent to you with the subject below.
Subject: [Notice regarding delivery of CrowdStrike notification]
* Responses usually take 1 to 3 business days.
Sensor Release
Falcon Sensor for Windows 7.25.19706 Release Announcement [Released 2025/05/16]
- Main New Features
- Boot Configuration Database Protection protection will be added to Falcon Prevent and will be detailed in upcoming release notes.
- Added support for on-demand scanning prevention of adware and unwanted programs (PUPs) with cloud-based detection.
- Secure Configuration Assessment: System configuration assessment now takes file and registry key permissions into account.
- Falcon Identity Protection Fusion Actions: Added support for managing Active Directory users (enable, disable, unlock).
- Cloud Access Trigger Conditions: In Falcon Identity Protection, source device conditions are applied for cloud access.
- Main fixes
- Scheduled Scan Timing: Fixed an issue where on-demand scan start times were being reported inaccurately.
- Interpreter Visibility: Fixed an issue where script monitoring DLL failed to initialize causing events to be sent.
- Driver Unloading Issue: Fixed an issue where the system would hang when unloading a sensor driver with the BFE service disabled.
- Memory Constraints: Fixed slow startup issues in low memory environments.
- Data Protection Race Condition: Fixed an issue where files could be left behind on removable drives.
- SSL Proxy & TLS 1.3: Fixed a connection blocking issue that occurred when the domain controller supported TLS 1.3.
- UserLogon Password Field: Fixed inaccuracy of the PasswordLastSet field in the UserLogon event.
- Agent Backup Handling: Improved handling of AID and CID backups, reducing the risk of corrupting registration information.
- Chrome Extension Reporting: Fixed an issue where browser extension events were not being reported in certain Chrome versions.
- Please see our support site article for more information.
Falcon Sensor for Linux 7.25.17804 Release Announcement [Released 2025/05/21]
- Main New Features
- The Linux sensor can now discover information from containers managed by Containerd and Garden.
- Added support for ASPM collection, allowing you to collect application data via sensors.
- Updated the DaemonSet container to use Red Hat UBI 9.5-1741861735 Micro.
- Added DaemonSet support in user mode for Azure Linux 3.0.
- Added model functionality related to Go language files.
- Main changes
- Fixed the units of the ChangeTime field in the ProcessRollup2 event from the Linux sensor to be consistent with other events.
- Worked around a Linux kernel bug in user mode on ARM processors to fix the kernel panic issue at boot time.
- We kept a user information cache for 5 minutes to reduce information requests made by sensors.
- Avoided file vantage related cache lookups, resolving performance issues when the cache contained large amounts of data.
- Automatically fix permissions on the /opt/Crowdstrike/sandbox directory.
- Kernel Support
- New Linux kernel versions are being certified and will be supported on Amazon Linux, Debian, Oracle Linux, Red Hat Enterprise Linux, SUSE Linux, Ubuntu, and many other versions.
- Please see our support site article for more information.
Falcon Sensor for Mac 7.25.19606 Release Announcement [Released 2025/05/13]
- Main New Features
- The ProcessRollup2 event has a new optional field, TtyName, that indicates the on-disk path of the TTY associated with the process.
- Main changes
- Fixed an issue where sensors were not properly restored to quarantined state if they were upgraded while in quarantine.
- The falconctl disable-filter command has been modified to require a maintenance token if uninstall protection is enabled.
- Fixed an issue where the sensor did not recognize that the system firewall was enabled if the "Block all incoming connections" setting was enabled.
- Fixed an issue where the sensor would miss the authentication response deadline under high event load.
- Fixed a rare issue that could cause the Falcon Notifications process to crash.
- Fixed an issue that prevented the sensor from reporting the "InstalledBrowserExtension" event in Chrome version 136 and later.
- Known Issues
- When manually installing versions 7.23-7.25, there is an issue where the Falcon user interface does not appear after the installation is complete. A fix is planned for version 7.26.
- Please see our support site article for more information.
Release Announcement
Management Console
- CrowdStrike Falcon Console Regular Updates Announcement [As of the week of May 5, 2025]
- New Features
You can now create documentation for your Falcon Foundry apps as README files. You can use Markdown to structure and organize your documentation. Changes to these documentation will be tracked and evolved like other Foundry features. - Fixes
- Fixed an issue in Asset Management where asset information retrieved from Active Directory (AD) was retained for more than 45 days. This adjusts the data retention period based on the last login time reported by AD. If there is no last login time, the last observed time in AD is used. - Additional Features
Falcon Exposure Management now adds a new API option to filter configuration assessment results by assessment reason. - Please see our support site article for more information.
・ https://support.mnc.macnica.co.jp/hc/ja/articles/47184263230617
- New Features
- CrowdStrike Falcon Console Regular Updates Announcement [As of the week of May 12, 2025]
- New Features
It is now possible to mimic a ransomware attack to verify the operation of the file system protection function, specifically preventing attacks that use the SMB protocol to deliver ransomware.
-New users are now provided with a wizard to guide them through the steps to deploy Falcon Identity Protection.
- New Cloud-based ML analysis is now applied to on-demand scans as a preventative measure against adware and Potentially Unwanted Programs (PUPs). - Please see our support site article for more information.
・ https://support.mnc.macnica.co.jp/hc/ja/articles/47185821852185
- New Features
- CrowdStrike Falcon Console Regular Updates Announcement [As of the week of May 19, 2025]
- New Features
- In the Falcon UI, the Audit Log now allows analysts to select filters using a drop-down menu.
- You can now edit the description of the default prevention policy in Endpoint Security settings.
- On the Hidden Hosts tab of the Host Management screen, the option to restore a host is now at the top of the actions list, making it easier to access. - Please see our support site article for more information.
・ https://support.mnc.macnica.co.jp/hc/ja/articles/47419260262681
- New Features
For updates on other modules, please refer to the support site articles.
- Falcon Cloud Security
- Falcon Cloud Security | Expanded Container Runtime Escape Detection Coverage
・ https://support.mnc.macnica.co.jp/hc/ja/articles/46973924550553
- Falcon Cloud Security | Expanded Container Runtime Escape Detection Coverage
- Falcon Exposure Management
- Identifying attack paths starting from client-side exploits
・ https://support.mnc.macnica.co.jp/hc/ja/articles/46382473060889 - Expansion of CIS Benchmark Coverage for Windows Server 2025 [May 5, 2025]
・ https://support.mnc.macnica.co.jp/hc/ja/articles/46627326505497
- Identifying attack paths starting from client-side exploits
- NG-SIEM
- Falcon Next-Gen SIEM Recently Released Features/Fixes/Known Issues [May 2025 Update]
・ https://support.mnc.macnica.co.jp/hc/ja/articles/47458664278809
- Falcon Next-Gen SIEM Recently Released Features/Fixes/Known Issues [May 2025 Update]
- Falcon for IT
- Announcing the release of Falcon for IT parameterized queries
・ https://support.mnc.macnica.co.jp/hc/ja/articles/46605661176601
- Announcing the release of Falcon for IT parameterized queries
- Falcon Adversary OverWatch
- Introducing Falcon Adversary Overwatch Next-Gen SIEM
・ https://support.mnc.macnica.co.jp/hc/ja/articles/46415756021273
- Introducing Falcon Adversary Overwatch Next-Gen SIEM
- Falcon Adversary Intelligence
- Comments on Intelligence Reports
・ https://support.mnc.macnica.co.jp/hc/ja/articles/46607057236249
- Comments on Intelligence Reports
- Falcon Flex
- Introducing the Falcon Flex Dashboard
・ https://support.mnc.macnica.co.jp/hc/ja/articles/46932690406553
- Introducing the Falcon Flex Dashboard
- Its multi-function
- New Alert API now supports getting complete comments and adding multiple comments
・ https://support.mnc.macnica.co.jp/hc/ja/articles/46939519770265 - Host Management now includes advanced export options
・ https://support.mnc.macnica.co.jp/hc/ja/articles/47365488231065 - Falcon sensor for Linux | Red Hat Enterprise Linux 9.6 support announcement
・ https://support.mnc.macnica.co.jp/hc/ja/articles/47393143693209 - Notification of the addition of Boot Configuration Database Protection function to Windows sensor
・ https://support.mnc.macnica.co.jp/hc/ja/articles/47416289247385 - Falcon Administrators can now grant temporary roles
・ https://support.mnc.macnica.co.jp/hc/ja/articles/47466670903833
- New Alert API now supports getting complete comments and adding multiple comments
Maintenance and fault information
- Please check our support site as necessary for maintenance and failure information.
Inquiry/Document request
In charge of Macnica CrowdStrike Co., Ltd.
- TEL:045-476-2010
- E-mail:crowdstrike_info@macnica.co.jp
Weekdays: 9:00-17:00