Endpoint Privilege Management for Mac 5.7 SR1 Release Notes

December 3, 2020

New Features and Enhancements:

  • Improved the handling of the quarantine flag on applications that are installed with the finder assist, so that source matching criteria can be used on them.
  • Challenge/response dialogs now show the current and maximum number of attempts, if a maximum number of attempts is configured for the message.
  • The sudo plugin now uses unified logging, and logs can be filtered using subsystem:com.beyondtrust.sudo. These logs are also now captured when using the Capture Config support tool.
  • Privilege Management for Mac no longer controls a right to pair smart cards for users. We now support controlling authorization prompts when smart cards are enforced if the allowUnmappedUsers option is enabled on the system. See the SmartCardServices system man page for more information.

Issues Resolved:

  • Running macOS's utility to enable the Privilege Management for Mac Finder extension occasionally failed silently. We now check whether the extension is enabled and retry enabling it, if necessary. Privilege Management for Mac only automatically enables the Finder extension for a user the first time they log in after Privilege Management for Mac is installed, so users retain the ability to disable it.
  • When an application bundle is defined in a policy using exact URI matching, we now only match against the main bundle's binary, as defined by its Info.plist. This prevents embedded helper tools from triggering the rule. If you wish to match helper tools, you should use other matching criteria or match types.
  • If the process responsible for Privilege Management for Mac messaging was killed by the end user, the process that was being launched could hang for a long period of time before being killed by the Application control feature. Now, when the messaging process is killed, the application being launched is killed immediately, resulting in the same behavior as the user selecting Cancel on the presented dialog.
  • Resolved an occasional crash in Privilege Management for Mac's Endpoint Security System Extension. Users may have seen crash logs for the Endpoint Security System Extension related to unsynchronized dictionary access, which this addresses.
  • We no longer display a message when running a program for users who have already entered a valid and retained challenge response code.
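
The exact URI matching item above distinguishes a bundle's main binary, as declared in its Info.plist, from embedded helper tools. The following is an added illustration of that distinction, not BeyondTrust's code or the product's implementation; the function names, Example.app, com.example.app and the Contents/Helpers/updater helper are all constructed for the example.

```python
import plistlib
import tempfile
from pathlib import Path


def main_bundle_binary(bundle: Path) -> Path:
    """Return the bundle's main executable as declared by CFBundleExecutable."""
    with open(bundle / "Contents" / "Info.plist", "rb") as fh:
        info = plistlib.load(fh)
    name = info.get("CFBundleExecutable")
    # Reject a missing value or one that tries to step outside Contents/MacOS.
    if not name or Path(name).name != name:
        raise ValueError("missing or unsafe CFBundleExecutable")
    return (bundle / "Contents" / "MacOS" / name).resolve()


def is_main_binary(bundle: Path, executed: Path) -> bool:
    """True only when the executed path is the bundle's declared main binary."""
    return executed.resolve() == main_bundle_binary(bundle)


def build_sample_bundle(root: Path, executable: str = "Example") -> Path:
    """Create a constructed Example.app with a main binary and one helper tool."""
    bundle = root / "Example.app"
    macos = bundle / "Contents" / "MacOS"
    helpers = bundle / "Contents" / "Helpers"
    macos.mkdir(parents=True)
    helpers.mkdir()
    (macos / "Example").write_bytes(b"")      # placeholder main binary
    (helpers / "updater").write_bytes(b"")    # placeholder embedded helper
    with open(bundle / "Contents" / "Info.plist", "wb") as fh:
        plistlib.dump({"CFBundleExecutable": executable,
                       "CFBundleIdentifier": "com.example.app"}, fh)
    return bundle


def demo() -> tuple:
    """Check the main binary and the helper against the same bundle."""
    with tempfile.TemporaryDirectory() as tmp:
        bundle = build_sample_bundle(Path(tmp))
        main = bundle / "Contents" / "MacOS" / "Example"
        helper = bundle / "Contents" / "Helpers" / "updater"
        return is_main_binary(bundle, main), is_main_binary(bundle, helper)


if __name__ == "__main__":
    print(demo())
```

A rule scoped this way applies to the main binary only, so a helper inside the same bundle needs its own matching criteria, as the item notes.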

Compatibility:

  • Endpoint Privilege Management Policy Editor 5.6
  • Endpoint Privilege Management ePO Extension 5.7
  • Endpoint Privilege Management Console Adapter 2.4+
  • BeyondInsight Adapter 5.6

If you have a business requirement to downgrade the Mac client, please first uninstall the currently installed version.

Supported Operating Systems:

  • macOS 11.0 Big Sur
  • macOS 10.15 Catalina
  • macOS 10.14 Mojave