Endpoint Privilege Management Cloud 23.1 Release Notes

February 28, 2023

New Features and Enhancements:

Policy Editor

  • Touch ID is configurable for Mac messages to authorize users on the macOS endpoint.
  • Administrators can now test applications and application rules and then quickly disable them without having to delete them. 
  • Administrators can now preview edits to Windows and Mac messages while making the changes without needing to save them. Preview messages for Windows updated to reflect Windows 10 as it is the most used OS.
  • Adding AAD Groups user experience improvements. There is a 3-second delay added before applying filter and loading spinner to present feedback when parsing results from filter.
  • For both Windows and Mac, all application matchers are now accessible from the Application Group grid. Solves the problem in which application matcher criteria was not accessible when viewing policy in read-only mode.

PM Cloud

  • Added an API call to retrieve the activity audit activity details.
  • Added an API call for create policy functionality. 
  • Added new user permissions for creating groups and policies.
  • Hid Analytics 1.0 for users who only have access to specific groups.
  • Users can search by Azure AD group name.
  • Added user permissions for the Configuration Settings pages. This allows administrators to delegate access to specific configuration settings.
  • Added a Clear Filters button and a Refresh button to the Endpoint Privilege Management Cloud pages.
  • Enabled full coverage of the Windows and Mac mappings in ECS format via the SIEM settings of the Configuration page.
  • Added audit trails for Policies, Computer Groups, Computers and Users on their respective View Details pages.
  • Included Policy Sync Timestamp value to the Management API Computer List and Detail calls.

Endpoint Privilege Management Cloud Windows Adapter

  • Endpoint Privilege Management Cloud adapter installer now supports proxy configuration and persistence via command line arguments.

Issues Resolved:

Policy Editor

  • Null is now being used for SID to fix matching issue.
  • TAP now enables correctly, following merging a policy template.
  • Mandatory criteria: The ActiveX codebase field is now populated when adding ActiveX events to policy.
  • Updated Endpoint Privilege Management Cloud Policy Editor to call new Endpoint Privilege Management Cloud API to reduce load times to pull AAD groups.
  • Resolved an issue when adding Azure AD groups or users to Windows messages for Designated Users.
  • Updated UI to ensure consistency across the Policy Editor. Add hyphen to On Demand in Policy Editor side menu.
  • Resolved an issue with the Windows General Rules page enabled in read-only mode.
  • Advanced Agent Settings: enable registry key with the same name to be added for 32-bit and 64-bit.
  • Corrected spelling mistake in the Mac Policy Editor.

Endpoint Privilege Management Reporting

  • Resolved an issue where the correct event was not added to the policy from the Event Detail page.
  • Resolved an issue with child processes not showing in the process hierarchy when viewing the parent process. Correct child process displays for the relevant parent process on Event Details page.

Endpoint Privilege Management Cloud

  • Resolved an issue with an unexpected error occurring when saving changes after discarding changes on the User page.
  • Updated Policy panel with UI improvements: bolded Group label, changed button arrangement, aligned collapse icon, and added focus state.
  • Resolved an issue where the Validation message appears when cancelling the dialog for creating an API account.
  • Changed the internal server error that occurrred while committing a draft policy.
  • Resolved errors that occurred when restarting adapter service.

Components:

  • PM Reporting: 23.1.67
  • Web Policy Editor: 23.1.232
  • PM Reporting UI: 23.1.362
  • Event Collector: 23.1.28
  • PM Cloud: 23.1.931

Compatibility:

 

Do not install a new adapter version before you are running a version of Endpoint Privilege Management Cloud that supports it. Installing an unsupported adapter can result in endpoints that no longer connect. You will be notified before your instance of Endpoint Privilege Management Cloud is upgraded.

  • PM Windows Adapter: 23.1.931.0 (Recommended), 22.9.386.0, 22.8.396, 22.7.271, 22.6.273, 22.5.144, 22.4.227, 22.3.310, 22.2.584
  • PM MMC snap-in: 22.9.268 (Recommended), 22.9.243.0, 22.7.205.0, 22.5.184.0, 22.5.179.0, 22.3.145.0, 22.1.95, 21.7.152, 21.5.106, 21.4.91.0, 21.3.135, 21.2.98, 21.1.133
  • PM for Windows: 22.9.268 (Recommended), 22.9.243.0, 22.7.205.0, 22.5.184.0, 22.5.179.0, 22.3.145.0, 22.1.95, 21.7.152, 21.5.106, 21.4.91.0, 21.3.135, 21.2.98, 21.1.133
  • PM for macOS: 23.1.0.1 (Recommended), 22.9.0.22, 22.7.0.83, 22.5.1.1, 22.3.1.2, 22.1.0.74, 21.7.0.1, 21.5.0.25, 21.4.0.3
  • PM macOS Adapter: 23.1.0.1 (Recommended), 22.9.0.22, 22.7.0.83, 22.5.0.1, 22.3.0.1, 22.1.0.74
  • PM Rapid Deployment Tool for macOS: 23.1.0.1 (Recommended), 22.7.0.9, 22.5.1.1, 22.5.0.1, 22.3.145.0, 22.1.0.1, 22.1.0.74, 21.4.0.4
  • PM Response Generator for Windows: 22.9.268 (Recommended), 22.9.243.0, 22.7.205.0, 22.5.184.0, 22.5.179.0, 22.3.145.0, 22.1.95
  • PM Response Generator for macOS: 23.1.0.1 (Recommended), 22.9.0.22, 22.7.0.83, 22.5.1.1, 22.5.0.1, 22.3.0.1, 2.2.0.74