Privilege Management for Windows 5.6 Release Notes

May 6, 2020

New Features and Enhancements:

  • Policy Editor
    • Mac Package Auth URI now always matches exactly against the system.install.software request URI.
    • Added a new reporting option, Privilege Management Reporting, to the BeyondInsight version of the Policy Editor.
      • Applies to Windows and macOS nodes.
      • When configured, will send Privilege Management Reporting events to BeyondInsight.
      • Extra BeyondInsight installation steps are required to support Privilege Management Reporting in BeyondInsight.
  • Other
    • Added Off the Hook Privilege Management: EXE & MSI (install) and scripts. Moved interception points for Privilege Management features from user into kernel space (affects executables, installers, and hosted file types).
    • Reporting through BeyondInsight.
      • Privilege Management Reporting events can now be sent to BeyondInsight.
      • Extra installation steps are required to support Privilege Management Reporting in BeyondInsight.
    • Resolved compatibility issues with some antivirus products, including Avast, AVG, Cylance, and Kaspersky.

Issues Resolved:

  • Resolved an issue where a crash can occur due to an APC race condition on driver unload. A Privilege Management for
  • Windows upgrade caused a crash in some circumstances.
  • Resolved an issue with a black screen on boot after system scan. A compatibility issue with a Kontur scan can cause a black screen on reboot.
  • Resolved an issue with processes not launching with AVG for Business and Privilege Management for Windows.
  • Resolved an issue with applications not launching when AVG for Business is installed.
  • Resolved an issue with applications crashing when AVG is installed on a Windows 10 endpoint. There was a compatibility issue with applications/processes failing to start with AVG for Business installed.
  • Resolved a compatibility issue with Avast Business Security and PGDriver.
  • Resolved an issue with a Privilege Management for Windows driver incompatible with Avast antivirus. There was a compatibility issue with applications and processes failing to start with Avast Business Security installed.
  • Resolved an issue with Access Denied errors when Privilege Management for Windows and Kaspersky are running.

Requirements:

  • Microsoft .NET Framework 4.0 (required to use Activity Viewer, Power Rules, PowerShell audit scripts, and PowerShell API)
  • PowerShell 3.0 (required to use Power Rules, PowerShell audit scripts, and PowerShell API)
  • Microsoft SQL Server Compact 4.0 (required on the endpoint that will run the Activity Viewer console)
  • McAfee Agent (required if you are installing the Privilege Management client with switch EPOMODE=1)

The executable version of the client package includes all necessary prerequisites (excluding .NET Framework 4.0) and automatically installs them as necessary. If you use the MSI or ZIP package, you must manually install any necessary prerequisites.

Compatibility:

  • Privilege Management Console 4.5 or later
  • Privilege Management ePO Extension 5.4 (recommended), 5.0+
  • Privilege Management Console Adapter 2.1 and 1.4
  • McAfee Agent 5.6 (recommended), 5.0+
  • McAfee ePO Server 5.10 (recommended), 5.9
  • McAfee Endpoint Security (ENS)
    • ENS Adaptive Threat Protection (ATP) 10.x with Generic Privilege Escalation Prevention (GPEP) enabled and disabled
    • ENS Firewall 10.x
    • ENS Threat Prevention 10.x
    • ENS Web Control 10.x
  • McAfee MOVE Multi-Platform Client

    If the version of McAfee MOVE is compatible with the McAfee Agent you are using, then Privilege Management is also compatible. The following McAfee supported versions of the MOVE Multi-Platform Client are compatible with this version of the Privilege Management client. The agentless version of McAfee MOVE is not supported.

    • MOVE AV[Multi-Platform] SVA Manager 3.6.1.141
    • MOVE AV[Multi-Platform] Client 3.6.1.141
    • MOVE AV[Multi-Platform] License Extension 3.6.1.141
    • MOVE AV[Multi-Platform] Offload Scan Server 3.6.1.141

Supported Operating Systems:

  • Privilege Management/Application Control Support
    • Windows 7
    • Windows 8 and 8.1
    • Windows 10 builds Enterprise 2015 LTSB, Enterprise 2016 LTSB, 1703, 1709, 1803, 1809, 1903, 1909
    • Windows Server 2008 R2
    • Windows Server 2012
    • Windows Server 2012 R2
    • Windows Server 2016
    • Windows Server 2019