Endpoint Privilege Management for Windows 24.1 Release Notes

February 13, 2024

Requirements:

  • Microsoft .NET Framework 4.6.2 (required to use Power Rules, PowerShell audit scripts, PowerShell API, and Agent Protection)
  • Microsoft .NET Framework 4.8 (required to use Multifactor Authentication with an OIDC provider)
  • PowerShell 3.0 (required to use Power Rules, PowerShell audit scripts, and PowerShell API)
  • Trellix (formerly McAfee) Agent (required if you are installing the Privilege Management client with switch EPOMODE=1)

The executable version of the client package includes all necessary prerequisites (excluding .NET Framework) and automatically installs them as necessary. If you use the MSI or ZIP package, you must manually install any necessary prerequisites.

New Features and Enhancements:

  • The Privilege Management Console AD Connector, introduced in version 24.1, can be installed and upgraded alongside Endpoint Privilege Management for Windows with Agent Protection enabled.

Issues Resolved:

  • Resolved an issue where matching criteria were being evaluated for disabled rules. In this scenario, the application was not matched, but was still evaluated. This fix improves performance for policies with disabled rules.
  • Added Polish language support to correctly hide the Run as administrator option for On-demand rules.
  • Resolved an issue with installers and uninstallers failing when authenticating using a message with challenge response configured.
  • Resolved an issue where hosted file types (e.g. scripts) could be incorrectly matched based on path when executed from a UNC network share.
  • Resolved an issue with combo box options in Endpoint Privilege Management for Windows messages not opening using the down arrow on the keyboard.
  • Resolved an issue with PID reuse causing incorrect parent/child matching, most notably seen as false-positive blocking in Trusted Application Protection.

Security Updates:

  • Removed MMC Policy Editor snap-in dependency on SQL Native Client 11, which is end of life; replaced by OLE DB Driver for SQL Server.
  • Updated the QuickStart template to run Process Explorer with a Basic Admin token rather than Full Admin. We recommend updating your QuickStart-based policies following this KB article: QuickStart Template for Full Admin Rights with Sysinternals Process Explorer.

Known Issues:

Agent Protection may block upgrading Endpoint Privilege Management for Windows via Package Manager. If using Agent Protection and Package Manager, please follow these instructions: https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0020423. This issue has been resolved in version 24.1.

Compatibility:

  • Endpoint Privilege Management Policy Editor 24.1 (recommended), 22.1+
  • Endpoint Privilege Management ePO Extension 23.10 (recommended), 22.7+
  • Endpoint Privilege Management Console Windows Adapter 24.1 (recommended), 22.1+
  • BeyondInsight/Password Safe 23.3 (recommended), 7.2+
  • Trellix Agent 5.7+
  • Trellix ePO Server 5.10 Service Pack 1 Update 1 (recommended), Update 13+

Supported Operating Systems:

  • Windows 11
    • 23H2
    • 22H2
    • 21H2
  • Windows 10
    • 22H2
    • 21H2
    • LTSB 2015
    • LTSB 2016
    • LTSC 2019
    • LTSC 2021
  • Server
    • 2022
    • 2019
    • 2016
    • 2012R2
    • 2012
    • Core 2016
    • Core 2019
    • Core 2022

For more information about compatibility, please see Privilege Management for Windows and Mac: Supported Versions and Operating System Compatibility.

Notes:

None.