Privilege Management for Windows 21.5 Release Notes

August 19, 2021


  • Microsoft .NET Framework 4.0 (required to use Activity Viewer, Power Rules, PowerShell audit scripts, and PowerShell API)
  • PowerShell 3.0 (required to use Power Rules, PowerShell audit scripts, and PowerShell API)
  • Microsoft SQL Server Compact 4.0 (required on the endpoint that will run the Activity Viewer console)
  • McAfee Agent (required if you are installing the Privilege Management client with switch EPOMODE=1)
The executable version of the client package includes all necessary prerequisites (excluding .NET Framework 4.0) and automatically installs them as necessary. If you use the MSI or ZIP package, you must manually install any necessary prerequisites.

New Features and Enhancements:

  • Privilege Management Policy Editor:
    • User requests to run or perform an action can now be given a duration. This can be either:
      • Once: The client can perform the action one time and the user must re-request if they need to repeat the action.
      • Duration: The client can perform the action an unlimited number of times within the duration (for example, 1 hour, 1 day, 30 days). Once the duration expires the user must submit a new request.

        Added a pending message, so that if a user attempts to perform the same action while they have an outstanding request, they are advised of its status.

    • Updates to the QuickStart policy include:
      • A new list of reasons available in the Reason dropdown
      • Block some additional shells as Sudo commands on Mac
      • Restricts additional system properties on Windows
      • 300 events are no longer raised from the internal iC3Service user account

Issues Resolved:

  • Resolved a cosmetic issue.
  • Resolved an issue in which the user was not correctly informed of an empty challenge response code.


  • Privilege Management Policy Editor 21.5 (recommended), 5.2+
  • Privilege Management ePO Extension 21.1 (recommended), 5.2+
  • Privilege Management Console Windows Adapter 21.6 (recommended), 21.1
  • BeyondInsight/Password Safe 21.1 (recommended), 7.2
  • McAfee Agent 5.7 (recommended), 5.6+
  • McAfee ePO Server 5.10 (recommended), 5.9

Supported Operating Systems:

  • Windows 10
    • 21H1
    • 20H2
    • 2004
    • 1909
    • 1809
    • LTSB 2015
    • LTSB 2016
    • LTSC 2019
  • Windows 8 / 8.1
  • Windows 7
  • Server
    • 2019
    • 2016
    • 2012R2
    • 2012

For more information about compatibility, please see Privilege Management for Windows and Mac: Supported Versions and Operating System Compatibility.


  • Endpoint Privilege Management for Windows 21.5 supports upgrades from Endpoint Privilege Management for Windows 5.2+.
  • To take advantage of the new Duration options with our ServiceNow Integration, please ensure you are running at least version 21.6 of PM Cloud before deploying version 21.5 of the Windows or Mac clients and 21.6 of the Windows adapter.