In a new Windows 11 Insider Preview release, Microsoft has started rolling out native support for System Monitor (Sysmon).The change appears in Windows 11 Insider Preview Build 26300.7733 (KB5074178), now available to testers in the Beta and Dev channels, according to the Windows Blog.Sysmon has long been part of Microsoft’s Sysinternals toolkit, widely used by security teams to track detailed system activity and spot suspicious behavior.
Until now, it had to be downloaded and installed separately.With this update, Sysmon is becoming a built-in Windows feature.“Windows now brings Sysmon functionality natively to Windows,” the company wrote.
“Sysmon functionality allows you to capture system events that can help with threat detection, and you can use custom configuration files to filter the events you want to monitor.” The company added that Sysmon data is written directly to the Windows Event Log, making it easier to use with security tools and monitoring platforms already deployed across many organizations.Disabled by default, enabled by choice Microsoft is taking a cautious approach with the new built-in Sysmon.The feature is disabled by default; users must explicitly enable it.
The Windows Blog notes that Sysmon can be enabled through Windows settings or via command-line tools such as PowerShell and DISM.Once enabled, users must still initialize Sysmon before it begins logging activity.Microsoft also warns that any existing Sysmon version installed from the Sysinternals website must be removed before activating the built-in version.
By embedding advanced monitoring directly into the operating system, Microsoft is aiming to simplify deployment while giving security teams better visibility into potential threats.Alongside native Sysmon support, the update also includes expanded voice access support and several fixes, including improvements to file explorer accessibility and a fix for a bug that caused apps to freeze when working with cloud storage services like OneDrive and Dropbox.The sysmon rollout also arrives at a sensitive moment for Microsoft’s Windows team.
More Microsoft news Inside Microsoft’s Real-Time War Against Cybersecurity Threats Project Ire: Microsoft Tests AI That Autonomously Detects Malware Microsoft Targets ‘Critical AI Talent’ from Meta to Dominate Next AI Breakthroughs Windows 10 Support Ends Soon, Though Extended Security Updates Offers Are Available Microsoft experiencing some headaches lately… In recent weeks, the company has been dealing with fallout from a string of update-related problems, including a confirmed bug that prevents some Windows 10 and 11 PCs from shutting down or entering hibernation after January security patches.That issue, tied to Secure Launch and Virtual Secure Mode, has lingered despite emergency fixes, adding to frustration among users already wary of Windows update reliability.At the same time, Microsoft has publicly acknowledged growing backlash over Windows 11’s stability and performance.
Company executives have said engineers are now being redirected to prioritize reliability and fixes throughout 2026, following months marked by boot failures, cloud app crashes, and emergency out-of-band updates.That shift reflects mounting pressure on Microsoft to focus less on new additions and more on making the core operating system dependable again.By making advanced system monitoring a native, optional feature, Microsoft appears to be betting that better visibility into system behavior will help security teams and the company itself detect issues earlier, respond faster, and rebuild confidence in Windows at a time when trust has been under strain.
For more on Microsoft’s strategic shifts in security leadership and quality focus, check out this TechRepublic piece on Gallot’s return and Bell’s new role.Subscribe to the Microsoft Weekly Newsletter Be your company's Microsoft insider by reading these Windows and Office tips, tricks, and cheat sheets.Delivered Mondays and Wednesdays Subscribe to the Microsoft Weekly Newsletter Be your company's Microsoft insider by reading these Windows and Office tips, tricks, and cheat sheets.
Delivered Mondays and Wednesdays
Read More
