Privilege Management for Windows 22.5 Release Notes

July 7, 2022

Requirements:

  • Microsoft .NET Framework 4.0 (required to use Activity Viewer, Power Rules, PowerShell audit scripts, and PowerShell API)
  • Microsoft .NET Framework 4.6.2 (required to use Agent Protection)
  • Microsoft .NET Framework 4.8 (required to use Multifactor Authentication with an OIDC provider)
  • PowerShell 3.0 (required to use Power Rules, PowerShell audit scripts, and PowerShell API)
  • Microsoft SQL Server Compact 4.0 (required on the endpoint that will run the Activity Viewer console)
  • McAfee Agent (required if you are installing the Privilege Management client with switch EPOMODE=1)
The executable version of the client package includes all necessary prerequisites (excluding .NET Framework) and automatically installs them as necessary. If you use the MSI or ZIP package, you must manually install any necessary prerequisites.

New Features and Enhancements:

Client

  • An endpoint running Endpoint Privilege Management for Windows no longer needs to be restarted for some features after an upgrade. The following features now continue to work after an upgrade without needing a reboot: Child inheritance, Elevation when using Secure Boot, Force Standard User Rights in dialogs, Zone ID tagging, Challenge response and MFA suppression sessions. In our next release we will extend this to remove the need to reboot entirely when performing an upgrade (these features: DLL Control, Content Control).
  • Added option called Agent Protection. When enabled, prevents the uninstall of Endpoint Privilege Management for Windows through normal means (Control Panel, command line, etc.).

Policy Editor

  • The new Agent Protection feature can be configured through the MMC snap-in.

Issues Resolved:

  • Resolved issue in which the Defendpoint service could have a high handle count on endpoints.
  • Resolved issues that were preventing the JAWS screen reader from reading our messages correctly.

Compatibility:

  • Privilege Management Policy Editor 22.5 (recommended), 5.6+
  • Privilege Management ePO Extension 21.2 (recommended), 5.2+
  • Privilege Management Console Windows Adapter 22.5 (recommended), 21.1
  • BeyondInsight/Password Safe 22.1 (recommended), 7.2
  • McAfee Agent 5.7 (recommended)
  • McAfee ePO Server 5.10 (recommended), 5.9

Supported Operating Systems:

  • Windows 11
    • 21H2
  • Windows 10
    • 21H2
    • 21H1
    • 20H2
    • 1909
    • LTSB 2015
    • LTSB 2016
    • LTSC 2019
  • Windows 8.1
  • Server
    • 2022
    • 2019
    • 2016
    • 2012R2
    • 2012

For more information about compatibility, please see Privilege Management for Windows and Mac: Supported Versions and Operating System Compatibility.

Notes:

  • BeyondTrust is ending support for all new versions of Privilege Management for Windows on Windows 7, effective this release so that we can concentrate on providing the best possible protection on supported versions of Windows 10 and 11. If you have any concerns about this course of action please get in touch via your usual contact.
  • Endpoint Privilege Management for Windows 22.5 supports upgrades from Endpoint Privilege Management for Windows 5.2+.