Endpoint Privilege Management for Windows 25.4.270
about 11 hours ago
July 22, 2025
π New features
Added ECS support for local Windows audit events
We've added support for the Elastic Common Schema (ECS) format to make local auditing even easier.
To learn more about enabling the feature, see the Customer portal.
Local ECS event support is now available in the MMC Event Import
You can now easily bring local ECS events into the MMC Policy Editor event import tool for smoother, more efficient event management.
π οΈ Issues resolved
| Description | Resolution |
|---|---|
| Missing speech driver error blocking JAWS 2025 from loading. | Updated our recommended accessibility policy to be compatible with latest JAWS (May-2025). |
| Entra ID cache not populated during application rule matching | Resolved an issue where Application Rule filtering using Entra ID accounts wasn't working. |
| Resolved an issue where applications with malformed file versions were causing issues in auditing and matching. | Resolved an issue where applications with malformed file versions were causing issues in auditing and matching. |
| Defendpoint Event Messages Text File Has Range Issues For Event IDs | Resolved an issue where EPM for Windows would cause BMC's client agent to crash. To apply this fix, see the Customer portal. |
| BSOD caused by unsafe accesses to user memory in PGDriver. | Added a mitigation fix which addresses a stability issue in PGDriver caused by DLLs unexpectedly being unloaded or modified from user-mode. |
| HP PC Hardware Diagnostic Windows drops to user/password prompt | Resolved an issue where UAC prompts appeared during the launch of certain packaged desktop applications. |
πSecurity updates
| Description | Resolution |
|---|---|
| Pentest - No IV or Non-Randomness in CBC Mode (PowerShell API) | Made the encryption process of configuration values on policy XMLs more robust. See the Customer portal for more details. |
π Requirements
- Microsoft .NET Framework 4.6.2 (required to use Power Rules, PowerShell audit scripts, PowerShell API, and Agent Protection)
- Microsoft .NET Framework 4.8 (required to use Multifactor Authentication with an OIDC provider)
- PowerShell 3.0 (required to use Power Rules, PowerShell audit scripts, and PowerShell API)
- Trellix (formerly McAfee) Agent (required if you are installing the Privilege Management client with switch EPOMODE=1)
π Compatibility
| Product | Supported |
|---|---|
| Endpoint Privilege Management Policy Editor | 25.4 (recommended), 22.1+ |
| Privilege Management ePO Extension | 25.2 (recommended), 22.7+ |
| EPM Console Windows Adapter | 25.4 (recommended), 22.1+ |
| BeyondInsight/Password Safe | 24.2.1 (recommended) |
| Trellix Agent 5.7+ | 5.7+ |
| Trellix ePO Server | 5.10 Service Pack 1 Update 4 (recommended), Update 13+ |
β° Upcoming deprecation notice: EPM for Windows tools
As per the deprecation notice provided in 2019 via the 5.5 admin guide (BeyondTrust End User Utilities section), the following tools will be removed with the EPM for Windows 25.6 release:
- PGProgramsUtil.exe
- PGNetworkAdapterUtil.exe
- PGPrinterUtil.exe
If you or your team rely on any of these executables, or have concerns about their deprecation, reach out to us immediately. We value your input and will work to ensure a smooth transition.
