You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CHANGELOG.md
+13Lines changed: 13 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,6 +2,19 @@
2
2
# Change Log
3
3
All notable changes to this project will be documented in this file.
4
4
5
+
## [1.9.0] - 2026-02-27
6
+
7
+
### Added
8
+
- Added five new queries in the Microsoft subfolder. These queries are now part of our recommended and must-run sets.
9
+
- ConditionallyUninitializedVariableAutomation.ql: Flags calls to initialization functions whose return status is not checked, potentially leaving a local variable uninitialized.
10
+
- UnprobedDereference.ql: Detects dereferences of user-provided pointers that haven't been probed first, which could cause access violations.
11
+
- UserModeMemoryOutsideTry.ql: Finds reads of user-mode memory that occur outside a try/catch block, where unexpected exceptions from changed memory protections could crash the kernel.
12
+
- UserModeMemoryReadMultipleTimes.ql: identifies double-fetch vulnerabilities where user-mode memory is read more than once without being copied to kernel memory first.
13
+
- UnguardedNullReturnDereference.ql: Reports dereferences of return values from calls that may return NULL (e.g. heap allocations) without a preceding null check.
14
+
15
+
### Changed
16
+
- Standardized the rule ID of UninitializedPtrField.ql to "cpp/microsoft/public/likely-bugs/uninitializedptrfield" and updated accuracy.
0 commit comments