Privilege Management for Windows 5.7 Release Notes

October 13, 2020

Requirements:

  • Microsoft .NET Framework 4.0 (required to use Activity Viewer, Power Rules, PowerShell audit scripts, and PowerShell API)
  • PowerShell 3.0 (required to use Power Rules, PowerShell audit scripts, and PowerShell API)
  • Microsoft SQL Server Compact 4.0 (required on the endpoint that will run the Activity Viewer console)
  • McAfee Agent (required if you are installing the Privilege Management client with switch EPOMODE=1)

The executable version of the client package includes all necessary prerequisites (excluding .NET Framework 4.0) and automatically installs them as necessary. If you use the MSI or ZIP package, you must manually install any necessary prerequisites.

 

If you use the "Uninstaller" application type with a Privilege Management for Windows Client and Policy Editor prior to the 5.7.x release, backup policies before any upgrade and ensure ALL clients are upgraded to 5.7 before upgrading the Policy Editor. For more information, please see Privilege Management for Windows 5.7.x - Granular uninstall feature.

New Features and Enhancements:

  • Password Safe Integration
    • Added Off Network Account Management for rotation of Password Safe managed accounts initiated from an endpoint.
    • Added Allow as Password Safe User option to run an application using a credential retrieved from Password Safe.
  • Policy Editor
    • Allow as Password Safe User can now be configured via the BeyondInsight MMC snap-in.
      • New action: Allow as Password Safe User
      • New dependent field: Password Safe Account Name
    • Off Network Account Management can now be configured.
      • New node in the BeyondInsight snap-in: Integration Settings
      • New Password Safe settings: Activation and Heartbeat Interval
    • Improved Uninstaller targeting.
      • Allows specific targeting of uninstallation actions by File Name and Upgrade Code
      • File & folder browser added to the Insert Application wizard
  • Other
    • Introduced the Endpoint Diagnostics Tool to diagnose endpoint connectivity issues with the BeyondInsight management platform (DiagnosticsCli.exe /bi /c).
    • Added latest policy update to the Endpoint Diagnostics Tool from the BeyondInsight management platform (DiagnosticsCli.exe /bi /p).

Issues Resolved:

  • Policy Editor
    • Resolved issue with the Mac Policy Editor where bundle and system preferences template icons were inconsistent.
    • Resolved issue with the Mac Policy Editor where inserting a Script did not enable File or Folder name by default.
    • Resolved issue with Edge (Chromium) Setup being incorrectly blocked by the Trusted Application Protection policy template.
    • Updated some default Dutch message translations in Quick Start for Windows policy template.
    • Resolved issue where the QuickStart Policy was incorrectly preventing installation of Privilege Management Policy Editor, Activity Viewer, and Challenge Response Generator.
  • Privilege Management for Windows
    • Resolved issue with File Hash matching criteria. Matching criteria is now case insensitive.

Compatibility:

  • Privilege Management Policy Editor 5.7 (recommended), 5.0+
  • Privilege Management ePO Extension 5.7 (recommended), 5.0+
  • Privilege Management Console Windows Adapter 2.4 and 1.4+
  • BeyondInsight/Password Safe 7.1 (recommended), 6.9+
  • McAfee Agent 5.6 (recommended), 5.0+
  • McAfee ePO Server 5.10 (recommended), 5.9

Supported Operating Systems:

For information about Supported Operating Systems, please see Privilege Management for Windows and Mac: Supported Versions and Operating System Compatibility.