Privilege Management for Windows 21.2 Release Notes

April 13, 2021

Requirements:

  • Microsoft .NET Framework 4.0 (required to use Activity Viewer, Power Rules, PowerShell audit scripts, and PowerShell API)
  • PowerShell 3.0 (required to use Power Rules, PowerShell audit scripts, and PowerShell API)
  • Microsoft SQL Server Compact 4.0 (required on the endpoint that will run the Activity Viewer console)
  • McAfee Agent (required if you are installing the Privilege Management client with switch EPOMODE=1)

The executable version of the client package includes all necessary prerequisites (excluding .NET Framework 4.0) and automatically installs them as necessary. If you use the MSI or ZIP package, you must manually install any necessary prerequisites.

New Features and Enhancements:

  • Clients:
    • Added a custom log location solely for BeyondTrust events, in order that they may more easily be reviewed. May be enabled using install switch APPEVENTLOGTYPE=1 (default behavior is the existing Application EventLog location).
    • Updated product icons to the latest versions.
  • Policy Editor:
    • Added a Reason dropdown option for MacOS messages.
    • QuickStart policy updates allow the application of rules to the new battery preference pane in MacOS, and provide better visibility of active admin accounts within QuickStart.

Issues Resolved:

  • Resolved issue in which some customers experienced high CPU usage spikes and latency when targeting background processes.
  • Resolved a performance issue in which MMC could hang due to an unmatched process name.
  • Resolved an application matching problem with applications residing on mapped drives that also had an external manifest file that specified requireAdministrator.
  • Resolved issue that was causing communication problems between an elevated ActiveX COM and Internet Explorer.
  • Resolved issue in which the User Domain name and SID did not always correctly display data corresponding to the bound domain even when not currently connected to that domain.
  • Resolved issue in which the Longest Hook Calls in TraceConfig did not contain data from all hooks.
  • Resolved issue in which an empty Application File Description could cause the file name to appear empty in messages.
  • Resolved issue with TAP policies in which the drive type was incorrectly labeled in the config.
  • Resolved issue in which the Authorizing User Domain name and SID did not always correctly display data corresponding to the correct domain of authorising user.
  • Resolved issue in which the File Owner Domain name and SID did not always correctly display data corresponding to the correct domain of the file owner.

Compatibility:

  • Privilege Management Policy Editor 21.2 (recommended), 5.2+
  • Privilege Management ePO Extension 21.1 (recommended), 5.2+
  • Privilege Management Console Windows Adapter 21.2 and 1.4+
  • BeyondInsight/Password Safe 7.2 (recommended), 6.9+
  • McAfee Agent 5.7 (recommended), 5.6+
  • McAfee ePO Server 5.10 (recommended), 5.9

Supported Operating Systems:

  • Windows 10
    • 20H2
    • 2004
    • 1909
    • 1809
    • LTSB 2015
    • LTSB 2016
    • LTSC 2019
  • Windows 8 / 8.1
  • Windows 7
  • Server
    • 2019
    • 2016
    • 2012R2
    • 2012

For more information about compatibility, please see Privilege Management for Windows and Mac: Supported Versions and Operating System Compatibility.