Endpoint Privilege Management SaaS 24.1 Release Notes

February 13, 2024

This release notes document covers the following:

MMC Support

The MMC Policy Editor was deprecated in EPM Cloud version 23.9 and is removed in version 24.1.


  • Microsoft .NET Framework 4.6.2 (required to use EPM Windows adapter)

For more information about Windows or macOS requirements, please see the Privilege Management Release Notes.

Package Manager

  • Resolved an issue that was allowing Package Manager to install successfully with an invalid URL.


New Features and Enhancements:

Policy Editor

  • Added a search on local Active Directory domains using a connector configured on the Configuration page in EPM. Add users and groups more easily in Account Filters for Windows Workstyles, Designated Users in Messages, and Custom Tokens.
  • Added capability to upload an updated rule script file to an existing rule script. This will significantly reduce the number of clicks compared to the previous process of deleting, recreating, and reassigning rule scripts to Workstyles.
  • Added capability to download a previously uploaded settings.JSON file for any rule script added to a policy.
  • Added capability to access a policy in Edit mode in a single click when mistakenly opening a policy in Read Only mode.
  • Added capability to disable and enable Windows On-Demand application rules.
  • Added capability to more easily change the order of the User Reason drop-down list for Messages via a drag-and-drop facility.
  • Added capability to rename Windows and Mac Message Name and Message Description displayed in the Policy Editor after it has been created.
  • Added the Policy Assistant to check a policy and identify potential issues and configuration conflicts. This is a beta feature and can be found in Utilities.
  • Added capability to copy Windows and Mac messages and Application Groups within a policy and from one policy to another.
  • Improved the usability of navigating Workstyles by reducing the number of menu items and consolidating related configuration areas into individual selectable tabs.

EPM Console

  • Dashboard is your new landing page for Analytics to provide insights into the effectiveness of EPM in your estate.
    • Endpoint User Logins chart shows the Windows users active in your estate, broken down by Domain or Local and Admin or Standard (requires the User Logins general rule).
    • Top Event Actions chart gives at a glance insight into the total numbers of Elevations, Allows, Blocks, and Cancel outcomes of your EPM policy.
    • These interactive charts provide filtering and link through to the underlying data.
  • Added BeyondTrust Recommended Views to all user's saved views; this saves time and effort in applying the necessary filters required for common Analytics use cases.
  • Ensured that the CSV exports from Events and Applications grids in Analytics contain all fields available in the UI.
  • Added save and load view functionality to the Users tab.
  • Event details are now presented in a right-hand panel, making it easier to view details for multiple events and retain the context of the Events grid.
  • In Analytics, enhanced the interface of the load view sliding panel , adding further context to what a saved view includes by listing the filters and columns saved to the view and showing the order of the columns in the grid.
  • Updated the Manage Updates panel on the Group Details page to be more user-friendly by giving the user two clear options: automatically update to the latest version or manually choose a specific version.
  • Updated the sorting of Policy and Application Group dropdown menus in the Add to Policy panel to be alphanumeric.
  • In Analytics, fixed the Event time column in the Events grid so that this can no longer be removed from the grid configuration using the column chooser.
  • In Analytics, updated Windows Store App application type on the Applications grid, so that the hyperlink navigation to Application Details is via the Store App Name field instead of Application Name.
  • Updated the MMC Snap-In to no longer connect to EPM console as part of the transition to the web Policy Editor for policy editing.

Issues Resolved:

Policy Editor

  • Resolved issue so applications containing special characters (i.e. Chinese) in their event data are added as matching criteria values successfully when added via Analytics Add to Policy.
  • Resolved an issue so it is now possible to export a policy XML file successfully via the Template Policies page.
  • Resolved an issue with the Paste button displaying the tooltip on hover after it has been made active.
  • Resolved an issue so breadcrumbs are now showing correctly when editing and adding a Content definition for a Content Group.
  • Resolved an issue with a scrollbar not being visible when configuring Manage Images in macOS Messages.
  • Resolved an issue with body text not wrapping correctly on URM Message Previews.
  • Resolved an issue with a scrollbar not displaying on the Multi-String input field in Advanced Agent Settings.
  • Resolved issue so a wildcard value (*) can be added as expected for CLSID application matching criteria.
  • Resolved an issue to enforce the mandatory Name field correctly validates when left blank on create of a Registry value in Advanced Agent Settings.
  • Resolved an issue with the Reference Hyperlink configured for a macOS message not displaying correctly in the Message Preview.
  • Resolved an issue on missing validation for mandatory Header and Body options for ActiveX is now enforced when left blank.
  • Resolved an issue so the Policy Save button is now enabled when a configuration (i.e. a Workstyle, Application Rule, Application) has updated to Enabled or Disabled.

EPM Console

  • Resolved an issue with Management Rules that was preventing Delete rules with the Group filter from running.
  • Resolved an issue that was preventing Management Rules from running when the Every 3 Days execution frequency was selected.
  • Resolved an issue where the Username filter was not being injected when navigating from the Users Affected overlay.

Known Issues:


EPM Windows Adapter

No updates.

EPM Mac Adapter

No updates.




  • PM Reporting Database: 23.9.13
  • Web Policy Editor: 24.1.397
  • PM Reporting UI: 24.1.29
  • Event Collector: 24.1.10
  • EPM Cloud: 24.1.581



Do not install a new adapter version before you are running a version of Endpoint Privilege Management SaaS that supports it. Installing an unsupported adapter can result in endpoints that no longer connect. You will be notified before your instance of Endpoint Privilege Management SaaS is upgraded.

Supported Versions

  • PM Windows Adapter: Recommended: 24.1.581 | 23.9.578 | 23.8.515 | 23.7.356 | 23.6.562 | 23.5.516 | 23.4.424 | 23.3.256 | 23.2.506 | 23.1.942.0
  • PM for Windows: Recommended: | | | | 23.5.212 | | | 22.9.268 | 22.9.243 | | | | | 22.1.95 | 21.7.152 | 21.5.106 | | 21.3.135
  • PM for macOS: Recommended: | | | | | | | | |
  • PM macOS Adapter: Recommended: | | | |
  • PM Rapid Deployment Tool for macOS: Recommended: | | | | | | | | | | |
  • PM Response Generator for Windows: Recommended: | | 23.7.150 | 23.5.212 | | | | | | | | | 22.1.95
  • PM Response Generator for macOS: Recommended: | | | | | | | | | |

Supported, but Deprecated, Versions

These versions are compatible with PM Cloud, but best avoided. Support for deprecated versions will be removed in the future.

  • EPM Windows Adapter: 23.1.942.0 | 22.9.393.0 | 22.8.396 | 22.7.271 | 22.6.273 | 22.5.144 | 22.4.227 | 22.3.310 | 22.2.584
  • EPM macOS Adapter: | | | | |
  • PM MMC snap-in: | | | | | | 22.9.243 | | | | | 22.1.95 | 21.7.152 | 21.5.106 | | 21.3.135 | 21.2.98 | 21.1.133