DocumentationAPI ReferenceRelease Notes
Release Notes
Back to All

Endpoint Privilege Management for Windows 25.8.12

about 3 hours ago

November 4, 2025

✨ Enhancements

  • Added support for Windows 25H2.

🛠️ Issues resolved

DescriptionResolution
Intune AutoPilot Fails Since July OS UpdateResolved compatibility issue causing Microsoft AutoPilot to fail during computer setup.
'Requires Elevation' does not work when elevation is required via the Compatibility tabResolved an issue where the service was not respecting the "Run this program as administrator" setting in the Windows Explorer File Properties Compatibility menu for the current user.
Defendpoint Service crashes from indefinite recursions caused by identical parent-child PIDsResolved an issue where advanced parent tracking could incorrectly identify a process as its own parent instead of the actual parent process.
Failure occurs when elevating COM classes as a domain admin.Added engineering key SetMandatoryAccessLevelForCOMElevation that when set ensures COM class activated from high integrity process show dialogs.
[PG_POLICY_NAME] value not displaying correctlyA new PGVariable - [PG_CONFIGURATION_NAME] - has been added that can display the name of the configuration.
Oracle Wallet ManagerResolved an issue where the start menu would remain open after launching an elevated process
Balloon messages only appear once for customer in environment.Resolved an issue where Toast notifications would sometimes not show up on older versions of Windows.

🔐Security updates

DescriptionResolution
Anti-tamper group can be deleted with elevated PowerShellResolved an issue where local groups could incorrectly be removed.

📝 Requirements

  • Microsoft .NET Framework 4.6.2 (required to use Power Rules, PowerShell audit scripts, PowerShell API, and Agent Protection)
  • Microsoft .NET Framework 4.8 (required to use Multifactor Authentication with an OIDC provider)
  • PowerShell 3.0 (required to use Power Rules, PowerShell audit scripts, and PowerShell API)
  • Trellix (formerly McAfee) Agent (required if you are installing the Privilege Management client with switch EPOMODE=1)

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.