Endpoint Privilege Management for Mac 24.7 release notes
November 21, 2024
Requirements:
- Trellix (formerly McAfee) Agent (required if you are installing the Privilege Management client with Trellix).
New features
To boost productivity, streamline deployment processes, and speed up the value realization journey with EPM, we are introducing Just-in-Time (JIT) Admin Access. This innovative feature provides temporary local admin permissions to your standard user base, offering a quick solution for situations not yet addressed by your existing policies.
To enable this feature, go to EPM SaaS and set in your policy which workstyles are authorized to request admin privileges. Users belonging to these workstyles can kick off an admin session through their EPM endpoint app, conveniently accessible from the System Tray or Menu bar. The EPM endpoint app offers a detailed overview of past requests.
Your EPM SaaS administrators (or individuals assigned the specific role of AdminAccessRequestApprover) oversee these requests in the JIT Access Management > Admin section of EPM SaaS. They have the authority to approve or decline requests and set the duration of the admin session.
Additionally, requests can be seamlessly processed through another IT Service Management (ITSM) tool (such as Jira) via webhooks integration.
Each request, decision, and action taken with admin privileges during the session is meticulously logged and can be easily referenced from both ongoing and concluded sessions. This empowers you to adjust your application rules to accommodate new usage scenarios as they arise.
Enhancements
We've added improvements to the request view in the Endpoint Privilege Management app. Requests now show:
- ServiceNow ticket requests as a clickable link
- Request Creation time in the header of the request
- The approved duration, for requests not yet run
- The expired request state when unused approvals have timed out
We’ve updated our MDM Configuration profile so that Endpoint Privilege Management notifications are now enforced. The new version is 2.3.0.
Issues resolved
Description | Resolution |
---|---|
EPM-M logging displayed the message "Dialog for plugin ID has been closed" when an EPM-M message had not been displayed. | The log message only displays when an EPM-M message displays. |
The following directories and files were not protected by our Anti-Tamper feature: /Library/Application Support/BeyondTrust, /Library/Application Support/Avecto, and /Library/Application Support/Avecto/Custodian/custodian.plist | Updated the Anti-Tamper feature to include these areas. |
The AWS VPN application periodically stopped working when used with EPM-M, during the file interrogation process. | The application is no longer blocked and can run successfully. |
EPM-M blocked the Molecular Operating Environment (MOE) application from running. | The application is no longer blocked and can run successfully. |
The latest version of the FlowJo application (v10.10) did not open successfully with EPM-M installed. | The application runs successfully. |
Certain applications running on Apple Silicon devices using Rosetta, like iTerm, failed to load with the EPM 24.5 release. | The application is no longer blocked and can run successfully. |
Cannot tab through EPM-M message dialog boxes to access settings, for example, the Allow (Enter Reason) and Allow (Select Reason) messages. | Added accessibility improvements to EPM-M message dialog boxes. |
Admin prompts appeared when attempting to remove applications like Zscaler. | Updated the EPM-M settings and the settings package generated by the Rapid Deployment Tool. |
EPM prevented software from uninstalling System Extensions like Carbon Black. | EPM no longer actively controls the Authorization right com.apple.system-extensions.admin, so this will require real admin credentials. |
Endpoints with BeyondInsight and Password Safe configured could lose their local policy. This issue could result in extra assets appearing in BeyondInsight because the Adapter incorrectly registered the machine as a new device when the settings.pkg file produced by the Rapid Deployment Tool was reinstalled. Note that when downgrading from this version of the BeyondInsight Adapter, you may see an extra asset registering in BeyondInsight. | In an EPM-M and BeyondInsight integration, the settings_pkg no longer overwrites the settings_app.xml file. |
Core functionality of the Trellix File and Removable Media Protection (FRP) application was not working as expected with EPM-M installed. | Applications launched from a drive protected by FRP can now run if an EPM-M policy allows it. |
Compatibility:
- Endpoint Privilege Management Policy Editor 24.7
- Endpoint Privilege Management ePO Extension 22.7
- Endpoint Privilege Management Console Adapter 24.7
- BeyondInsight/Password Safe 24.2.1
- Trellix Agent 5.7
Note
If you have a business requirement to downgrade the EPM-M client, first uninstall the currently installed version.
Note
For information on supported operating systems, see Supported platforms.