Privilege Management for Windows 21.7 Release Notes

December 14, 2021


  • Microsoft .NET Framework 4.0 (required to use Activity Viewer, Power Rules, PowerShell audit scripts, and PowerShell API)
  • Microsoft .NET Framework 4.8 (required to use Multifactor Authentication with an OIDC provider)
  • PowerShell 3.0 (required to use Power Rules, PowerShell audit scripts, and PowerShell API)
  • Microsoft SQL Server Compact 4.0 (required on the endpoint that will run the Activity Viewer console)
  • McAfee Agent (required if you are installing the Privilege Management client with switch EPOMODE=1)
The executable version of the client package includes all necessary prerequisites (excluding .NET Framework) and automatically installs them as necessary. If you use the MSI or ZIP package, you must manually install any necessary prerequisites.

New Features and Enhancements:

  • Client (PM Cloud Only)
    • Added authorization request and policy exception enhancements to the Windows agent to display the outcome of an application access request as a message onscreen to the end user. Approval messages also inform of the duration they have been granted. An update check is also performed whenever a user attempts to open an application on which there is an outstanding request.

Issues Resolved:

  • Resolved delay with merging PDFs when Endpoint Privilege Management for Windows is present on system.
  • Resolved issue in which the setup for .NET 5 SDK hung on Initializing only when using On-Demand rule. If using an Application Rule, the install was successful.
  • Resolved issue in which messages that had a smart card authorization method would show the smart card details misaligned.
  • Resolved issue in which user message changes were not being saved in the Policy Editor UI, and as a result, the previous user message was displayed on the endpoint.
  • Resolved issue in which PGMessageHost returned non-zero values on success. Endpoint Privilege Management for Windows treated this as an error.



If using the ServiceNow User Request Management (URM) feature, your instance of PM Cloud and all adapters must be updated to 21.8 or above before updating your endpoint agents to version 21.7.Using the newer agent with earlier versions of PM Cloud will cause request messages to become stuck in the Pending state.

Endpoint Privilege Management for Windows 21.7 and Endpoint Privilege Management Cloud 21.8 have enhanced the URM feature to be more user-friendly. Pending user request checks now happen whenever the requested application is run.

This affects only the PM Cloud and ServiceNow User Request Management (URM) feature specifically. If you are not using this feature, please disregard this warning.

  • Privilege Management Policy Editor 21.7 (recommended), 5.6+
  • Privilege Management ePO Extension 21.2 (recommended), 5.2+
  • Privilege Management Console Windows Adapter 21.8 (recommended), 21.1
  • BeyondInsight/Password Safe 21.2 (recommended), 7.2
  • McAfee Agent 5.7 (recommended), 5.6+
  • McAfee ePO Server 5.10 (recommended), 5.9

Supported Operating Systems:

  • Windows 11
    • 21H2
  • Windows 10
    • 21H1
    • 20H2
    • 2004
    • 1909
    • 1809
    • LTSB 2015
    • LTSB 2016
    • LTSC 2019
  • Windows 8 / 8.1
  • Windows 7
  • Server
    • 2019
    • 2016
    • 2012R2
    • 2012

For more information about compatibility, please see Privilege Management for Windows and Mac: Supported Versions and Operating System Compatibility.


  • Endpoint Privilege Management for Windows 21.7 supports upgrades from Endpoint Privilege Management for Windows 5.2+.