Netwrix is pleased to announce the general availability of Netwrix Endpoint Protector 5.9.4.3 EPP Client release. With this release, you’ll notice significant compliance and functional enhancements to Netwrix Endpoint Protection Clients, including the following:
Download Netwrix Endpoint Protector 5.9.4.3 for Windows here!
EPP 5.9.4.3 for Windows SHA512:
3e25885964f23551da3616c69b0c4f42c77fba0314a21630e4b88fdf758fed378c0e540cfa72b8111fcecec1baa1a115601aa615c507f3947b8cb7f6c4d27a87
EPP 5.9.4.3 for macOS SHA512:
7ab52044439dc7ec95b169b12681a27f814f3e810eec466d4657b23a3de31527b21ddc4b1e06890d384a7c4bc45849dbb15c92aad887674ec1d630ec1a1d074f
Download Netwrix Endpoint Protector 5.9.4.3 NewOutlook add-in here!
EEP 5.9.4.3 NewOutlook add-in SHA512:
210b171f4d51a61cc1ee771e22a9e75c11f6e123ce3d9b13b25d8c54570a1072c539a89332e8259f149d36ffcedb8a4e91c301d20335137cea1297b637f81df4
Download Netwrix Endpoint Protector 5.9.4.3 Offline Client Patch here!
EPP 5.9.4.3 Offline Client Patch SHA512:
d8c15eac8d81add4ff8f8ce44de6951f33625e08e88ea7a712afa1b724fd8609b113856687d5cd0ede5ecd6a0b1266f4d1a9fa2d400adf7edf8f2c2d2751f2bb
Want to be notified of future product updates?
Are you subscribed to this category? If not, or if you're not sure, expand me to see how!
What’s New in Endpoint Protector 5.9.4.3
The following components have been updated with this release:
- Windows Client: 6.2.5.1004
Browser print plugin: 1.10 - Mac Client: 3.0.5.1005
- Linux Client: 2.4.5.1002
- Outlook add-in: 1.0
IMPORTANT: This release does not alter EPP Server or Enforce Encryption Client versions and focuses solely on changes to the EPP Client.
IMPORTANT: This release is available via the Offline Client Patch method. Please refer to the user manual for detailed instructions on the process. You can also use the direct link to the archive containing MSI or TAR files to integrate them into your patch management system. For Offline Client upload guid follow the instructions in the user manual to complete the installation process.
Note: The 5.9.4.3 Clients were tested in conjunction with the 5.9.4.2 EPP Server and Unify 7.3. We recommend using them as a pair for optimal performance. However, the clients may also work with older EPP servers.
IMPORTANT: Customers who utilize the embedded EPP Server Client upgrade feature must use these EPP Clients mandatorily if they wish to continue upgrading EPP Clients in the future. This requirement is due to essential Netwrix certificate changes, and failure to do so will result in unsuccessful EPP Client upgrades..
New Native Windows OCR Engine Support
We are pleased to announce the introduction of support for Microsoft’s native Windows.Media.Ocr engine within EPP Clients, offering a significant upgrade in Optical Character Recognition (OCR) performance, accuracy, and detection quality. This feature is supported on the latest Windows 10 and 11 versions. Combined with the macOS native OCR engine support introduced in version 5.9.0.0, this establishes EPP as a leader in the OCR DLP endpoint market.
Our Quality Assurance testing has demonstrated impressive improvements compared to our previous EPP Windows OCR engine. Based on batch processing of approximately 10,000 image samples, we recorded a 525% decrease in detection time and a 462% increase in the quality of fully accurate detections. Additionally, the average time per positive (non-empty) detection increased by 658% in milliseconds, reflecting enhanced efficiency.
This advancement sets a new benchmark for OCR capabilities in endpoint security.
And the best part is, no additional EPP configuration is needed to switch from the previous engine, as long as OCR has been enabled (user manual).
OCR for Images Embedded in PDF Files
We have introduced the capability for EPP Clients on macOS and Windows to perform Optical Character Recognition (OCR) on images embedded within PDF files. This enhancement brings a new and unique capability to the DLP market, elevating DLP use cases to a new level. Combined with the new native macOS and Windows OCR engines, this feature establishes our Endpoint Client as a leader in image processing for data protection.
HEIC Images Support in OCR on macOS
We have introduced support for the HEIC file type in OCR processing on macOS. This enhancement allows the system to efficiently handle HEIC images, expanding the range of file types that can be processed with OCR capabilities.
Microsoft New Outlook Full Support
We are pleased to announce that starting with Endpoint Protector Clients version 5.9.4.3, New Outlook can now be fully managed as a Content Aware Protection Exit Point via the Microsoft 365 Web Add-in. This enhancement differs from COM add-ins used in classic Outlook, which are installed directly on individual endpoints. Microsoft Web Add-ins must be deployed centrally through the Microsoft 365 Admin Center or manually within the user’s Outlook application account.
Unlike traditional add-ins, Microsoft 365 Web Add-ins are linked to user accounts rather than specific computers or devices. Once an add-in is deployed to a user account, it becomes accessible on every device the user utilizes to access that account. This means it cannot be limited to just one device, such as the user’s Mac computer only.
Please refer to new UM section:
EPP Notifier updates
EPP Notifier: new device type column
We have added an additional column for device types in the EPP Client Notifier’s Device Control view, which displays the Device Type. This enhancement allows users to sort devices by category, simplifying coordination between users and administrators. It also aids in managing OTP remediation and provides clearer visibility of devices in use.
EPP Notifier: “Policy Update Now” Command
We have enhanced the EPP Notifier window by introducing a sync button that enables users to trigger policy updates directly from it. This addition facilitates immediate policy synchronization and provides real-time update status, along with the last communication status, to aid in troubleshooting scenarios. Additionally, this enhancement addresses challenges on non-UI Linux distributions, ensuring a seamless user experience and empowering users to initiate policy updates themselves.
EPP Notifier: Locale Updates
The EPP Notifier now features complete translations in German, French, Hungarian, and Polish, enhancing accessibility and user experience for speakers of these languages.
Bug Fixes and Miscellaneous Updates
| Component | Description | Case # | Escalation # |
|---|---|---|---|
| General | EPP Client to Server Communication Compression In this release, we’ve introduced a Client to Server compression feature, which will be utilized in upcoming versions of EPP Servers (5.9.5.0 and higher) and Unify releases (7.4 and higher). This enhancement is designed to conserve bandwidth and reduce transfer limits on metered connections, as well as to lower costs associated with cloud providers. |
382009, 382939, 383176 | 00437920 |
| General | User Remediation Challenge for Domain-Joined Devices Offline This release addresses an issue where domain-joined Windows devices (connected to Active Directory) could not utilize user remediation for device control when disconnected from the network. Previously, attempting to authenticate with user credentials after disconnecting from the network resulted in an “Invalid credentials. Couldn’t initialize the connection.” error. This has been optimized to ensure seamless authentication, allowing users to access connected USB devices even when offline. |
384611 | 00437637 |
| General | Enhancement to EPP Client Behavior on Ubuntu Xorg We’ve refined the login process on Ubuntu Xorg (version 24.04) to prevent the EPP client window from opening automatically without user initiation, ensuring a more seamless user experience. Additionally, options accessed via the right-click menu now appear as intended, enhancing usability. |
385428 | 00435662 |
| General | Resolution for Department Reverting Issue in EPP Client Upgrade Upgrading the EPP client to version 6.2.4.2000 or higher previously caused departments to default to “defdep” due to a re-registration process triggered by an OpenSSL upgrade. This update ensures that custom department settings are retained during client upgrades, whether performed manually or via server updates, maintaining organizational consistency. |
379516 | 00437612, 00437246 |
| General | Improved Client Termination Logging During Node Maintenance The update refines handling to prevent unintended termination logs during node maintenance. This ensures smooth node transitions without triggering “Unplanned Client Termination” or “Forced Uninstall Attempt” logs. |
380237 | 00436395 |
| DC | Improvement in Bluetooth Device Classification for Access Rights The update enhances the accuracy of device classification, addressing situations where Bluetooth headphones previously detected as “Bluetooth Other” by older EPP agents are assigned incorrect access rights upon upgrading. Now, devices identified as “Bluetooth Headphone” will consistently receive the appropriate permissions, reflecting improved device categorization and resolving mismatches in access rights application. |
369454 | 00423693, 00424784 |
| DC | Enhanced Linux Bluetooth Control via DBus Events We have reworked the handling of Linux Bluetooth permissions to leverage DBus events, significantly enhancing the ability to control Bluetooth devices on Linux. This change improves precision and flexibility in managing Bluetooth connections and device interactions within the Linux environment. |
377022, 385745 | |
| DC | Improved Management of Bluetooth Pop-Ups on macOS Adjustments have been made to ensure that Bluetooth pop-ups are properly displayed only when appropriate permissions are in place. This enhancement ensures that the EPP agent requires full disk access to modify local databases, preventing unnecessary pop-ups if permissions are not granted, thereby streamlining user interaction on macOS. |
370581 | 00423432 |
| DC | Streamlined Log Generation for iPhone Connections Improvements have been implemented to ensure log entries are generated only once when connecting or disconnecting iPhones, preventing duplicate entries. This update enhances clarity and accuracy, reflecting actions performed with devices set to “Deny” permissions, optimizing log management in the specified environment. |
371529 | |
| DC | Improved File Tracing for Write Events Enhancements have been made to ensure that the EPP client consistently captures File-Write and Read-Write events on network shares and removable devices. Previously, certain file changes, such as edits and saves made using Notepad, Notepad++, or Visual Studio, might not trigger events as expected. This update refines the File Tracing process, increasing the reliability of event detection on Windows for diverse editing applications. |
374320 | |
| DC | Resolution for Ignored File Size Limit in Shadowing The EPP system has been updated to respect the “Max File Size for Shadowing (KB)” setting, ensuring files exceeding the set limit are not shadowed on macOS systems running Sequoia and above. Previous behavior allowed oversized files to be shadowed and sent to S3 buckets despite size constraints. This enhancement restores expected functionality for effective file management and compliance. |
375226 | 00431461 |
| DC | Enhanced Detection for ASIX Ethernet Adapters on macOS The EPP client now accurately identifies ASIX Ethernet adapters as wired connections, ensuring that Wi-Fi is blocked when these adapters are in use. This improvement uses name detection for ASIX devices to correctly categorize the connection type, providing consistent enforcement of Wi-Fi denial policies on macOS systems. |
375955 | 00434222 |
| DC | Improved Detection of Teensy Board Devices on Windows This update refines device identification by limiting detection to specific VIDs, ensuring more accurate classification of Teensy boards. It corrects previous misclassifications on Windows, such as identifying certain adapters as Teensy boards, and aligns detection more closely with intended device types. |
375964 | 00434607 |
| DC | Enhanced Network Printer Recognition by EPP Client The latest update improves the recognition of network printers by the EPP Client on Windows 10, ensuring seamless identification and integration within the network environment. |
375227 | 00436900 |
| DC | Enhanced WiFi Blocking on Linux The update ensures WiFi is consistently blocked upon policy changes or reactivation without needing a service restart, enhancing enforcement on Ubuntu 22.04 systems. |
376531 | 00435378 |
| DC | Restoration of “Deny-Access but Allow Charging” Functionality The update addresses an issue in version 5.9.4.1 where the “Deny-Access but Allow Charging” setting unintentionally blocked iOS devices, hindering charging. The functionality is restored to ensure devices are not blocked while allowing charging as intended. |
377456 | 00418020 |
| DC | Enhanced File Shadowing for Names with Special Characters Updates have been implemented to ensure files with whitespaces or special characters in their names are successfully uploaded to an FTP server as part of the file shadow repository. Improvements in handling file URL formatting address prior errors, ensuring seamless file tracing and shadowing on Windows systems. |
380898 | |
| DC | Improved Remediation for Logitech MX Master Mouse Enhancements have been applied to ensure a stable remediation session for the Logitech MX Master Bluetooth mouse. Users will no longer experience intermittent blocking and notifications, allowing uninterrupted use during active remediation sessions with Device Remediation enabled for Bluetooth Mice. |
381996 | |
| DC | Correction of File Tracing Events on macOS This update refines file tracing for text file edits on macOS, ensuring proper event logging. Previously, edits on removable devices or network shares could lead to incomplete logs. Now, file activities are consistently captured and reported. |
384396 | |
| DC | Resolution for Mountain Duck Accessibility The update addresses issues where Mountain Duck cloud drive was blocked by EPP settings for “Unknown Devices.” Now, Mountain Duck can start and function properly without errors, even with restrictive device policies in place. |
384518 | 00437196 |
| DC | Adjustment for Handling Multiple Printers with the Same Name This update resolves issues where network printers with identical names were not consistently blocked in Safari when disabled in DC. The system now ensures that all instances of the same printer are correctly recognized and restricted, preventing unauthorized printing. |
384608 | |
| DC | Improved Enforcement of Bluetooth Permissions on Ubuntu 22.04 The update ensures that Bluetooth permission settings are adhered to on Ubuntu 22.04, preventing manual enablement of Bluetooth devices when permissions are set to Deny. |
385745 | |
| CAP | Improve Detection of Brazilian PIIs We’ve improved the detection of Brazilian Personally Identifiable Information (PII) by differentiating between CPF and CNH patterns. Due to excess noise generated by CNH, CPF has been separated into its own selectable pattern within CAP/eD policies. Customers will need to manually adjust their CAP/eD policy definitions to accommodate this change and align with their specific requirements. Note: This update requires at least version 5.9.4.2 of the EPP Server and version 5.9.4.3 of the EPP Clients. |
342068, 320008, 376836 | 00419481 |
| CAP | Suppress Windows Notifications When Copying to USB To enhance user experience, we have suppressed Windows notifications that prompted users to Skip, Replace, or Cancel during file copying to USB drives when blocked by a CAP policy. Previously, these notifications could be disruptive, especially when multiple files were copied at once. This improvement ensures a smoother interaction by eliminating the need for user intervention in such scenarios. |
343859 | |
| CAP | Stop Monitoring XDG Desktop Portals Except for Ubuntu 18.04 We have refined our monitoring processes to reduce unnecessary log noise by ceasing to monitor xdg-desktop-portal* for file access on all systems except Ubuntu 18.04. On Ubuntu 18.04, we will continue to monitor xdg-desktop-portal-gtk to effectively capture file access events, particularly for file pickers used by applications like web browsers. Known Limitation: For Ubuntu versions 18.04, 20.04, 22.04, and 24.04, when using Firefox browsers to navigate through files, the EPP Client may generate false positives. |
367650 | 00433696, 00427782 |
| CAP | Proxy Configuration Management in Endpoint Protector This update ensures that the proxy configuration is accurately reflected post-upgrade, allowing users to disable or adjust proxy settings without residual entries that could affect performance. Users making this transition should now find a smoother experience in adjusting their network configurations according to the new settings. |
371451 | 00427365 |
| CAP | Improved File Scanning for Google Translate Uploads We are addressing the handling of file uploads to Google Translate, enhancing our scanning process to ensure data protection. Currently, limited file types such as .docx, .pdf, .pptx, .xlsx, and images are supported for upload and translation. |
374645 | 00434813, 00435082 |
| CAP | Resolution of False Positive US SSN Detection in PDF Printing We have addressed an issue where false positives for US Social Security Numbers (SSN) were detected when printing threat-free PDFs from OneDrive Business using browser menu options. This release enhances the detection algorithms to mitigate false alarms, ensuring that print jobs proceed smoothly without unnecessary interruptions. |
339356 | 00431461 |
| CAP | Resolution of False Positive US SSN Detection in Webpage Printing We have addressed a regression issue where false positives for US Social Security Numbers (SSN) were detected while attempting to print threat-free webpages from browsers like Edge and Chrome. This update refines the detection process, ensuring webpages without sensitive data can be printed successfully without being erroneously flagged by CAP policies. |
339390 | |
| CAP | Improved Monitoring of New Microsoft Teams File Transfer on Windows This update enhances the EPP client’s ability to monitor and control file transfers in the New Microsoft Teams on Windows. With improved visibility, the EPP client effectively intercepts and manages file transfers, ensuring they are appropriately monitored and controlled even when DPI is disabled. |
340606 | 0042295, 00417651 |
| CAP | Improved Monitoring for Microsoft Teams on Linux Enhanced the EPP client’s ability to monitor Microsoft Teams activity on Linux. This update ensures that the "teams " process is properly tracked, allowing file transfers to adhere to CAP policies and improving overall compliance with monitoring requirements. |
347077 | |
| CAP | Refined Identification of Microsoft Teams and Slack Traffic with Proxy Usage An enhancement has been made to accurately distinguish network traffic originating from Microsoft Teams and Slack from that of Chrome when a third-party proxy, like Sophos, is used. Previous configurations led to all traffic being routed through the proxy being incorrectly identified as Chrome, causing scanning irrespective of CAP policy settings. |
369085 | |
| CAP | Improved Functionality for Safari Browser in Xcode Simulator This update enhances functionality for the Safari Browser in Xcode Simulator on macOS when DPI is enabled. It ensures that webpages load correctly, providing a seamless browsing experience in the simulator environment regardless of the “Intercept VPN Traffic” setting. |
343756 | 00411657 |
| CAP | Enhanced Blocking for Print Screen on Windows 11 This update addresses the issue where the EPP client did not consistently block the print screen functionality on Windows 11 for certain key combinations. The enhancement ensures that all defined scenarios within CAP policies, including Fn+PrintScreen and PrintScreen alone, are effectively blocked, maintaining compliance and security on Windows 11 systems. |
364964 | |
| CAP | Blocking SnippingTool on Windows 11 with CAP Policy Enhanced CAP policy capabilities to effectively block the SnippingTool executable on Windows 11 when the print screen function is selected. |
367687 | 00438810, 00426022 |
| CAP | Enhanced Stability for Print Screen Blocking The EPP agent has been updated to address issues where print screen functionality might not be consistently blocked due to multithreading complications. By refining the policy loading process to ensure flags are set accurately across threads, print screen operations are now reliably controlled, maintaining security expectations for both Windows 10 and Windows 11 environments. |
373916 | 00426022 |
| CAP | Resolution for Incorrect File Type Reporting in Image Transfers This update enhances the monitoring of files transferred via Airdrop using Drag and Drop on macOS. By implementing a dynamic detection mechanism for temporary file paths, the EPP agent ensures that files are accurately scanned and sensitive data is effectively blocked during transfer using this method. |
367340 | |
| CAP | Enhanced Airdrop File Blocking for Drag and Drop Actions The EPP agent now better monitors files sent via Airdrop using Drag and Drop on macOS. Through dynamic detection of temporary file paths, files are scanned, and sensitive data is effectively blocked during transfer. |
367530 | 00426475 |
| CAP | Custom Content Denylist for Korea The CAP policy for Korean custom content now effectively blocks files sent via browsers. This update ensures accurate detection and blocking of Korean-language files. |
368220 | 00419610 |
| CAP | Improved Scanning for swisstransfer.com Data Transfers The EPP agent has been updated to ensure accurate scanning of data sent via swisstransfer.com. |
368729 | 00429663 |
| CAP | Enhanced Policy Enforcement with OCR Configuration The policy enforcement has been improved to ensure that image files are accurately blocked by the EPP client when OCR is enabled, regardless of the content. This refinement addresses previous limitations by allowing stricter adherence to image blocking policies without relying solely on detected text content. |
370034 | |
| CAP | Stability Enhancement for Ubuntu 18.04 Linux Clients Handling File System Events Enhancements have been made to prevent crashes in Linux clients when generating a large number of file system events. Implementing a thread pool addresses the issue of reaching thread count limits, ensuring system stability while handling extensive file operations on removable devices. This improvement optimizes performance and reliability on Ubuntu 18.04. |
371646 | 00432785 |
| CAP | Resolution for Application Denylist Parameters The application denylist has been refined to ensure consistent operation regardless of parameter case sensitivity. Previously, rules with uppercase command line arguments were ineffective, but this update ensures applications are properly blocked irrespective of parameter casing. The fix applies to both Windows and macOS environments, enhancing reliability and functionality in diverse setups. |
373725 | |
| CAP | Resolution of File Shadowing Issue with Printer Names The EPP system now supports file shadowing for CAP policies irrespective of the characters used in printer names. Previously, special characters like “:” in "http://10.0.1.10 could block shadow creation, compromising the handling of confidential content. This update ensures consistent shadowing functionality, accommodating complex printer names without disrupting operations. |
374363 | 00427161 |
| CAP | Enhanced Stability for EPP Client on macOS The update addresses EPP client crashes during app control by improving the handling of multiple security events. By optimizing message processing, the client now operates smoothly without interruptions when utilizing CAP policies to block applications on macOS. |
374276 | 00428724 |
| CAP | Resolution of CAP File Shadowing Issue The update ensures images are properly shadowed according to CAP policies, addressing previous issues where JPEG uploads were not shadowed despite monitoring on macOS and Linux environments. |
376510 | 00426339 |
| CAP | Enhanced Clipboard Image Blocking on Windows The update ensures clipboard images are blocked effectively under CAP policies on Windows 10 and 11, resolving prior inconsistencies when reporting sensitive information. |
376539 | |
| CAP | Enhanced Git Upload Blocking on macOS The update addresses the ability to block uploads to “GitHub” using the native Git application on macOS when “Intercept VPN Traffic” is enabled in DPI. This ensures commands over HTTP remotes are effectively restricted under CAP policies. |
377208 | 00430839 |
| CAP | Enhanced Regex Functionality in CAP Policies The latest update resolves issues where not all regex patterns were applied in CAP policies, leading to unblocked transfers. The EPP client now consistently applies multiple regex patterns as defined by administrators, ensuring all relevant transfers are properly monitored and blocked when conditions are met. |
380070 | 00438983 |
| CAP | Enhanced Stability for Notifier Under Clipboard Spam Improvements have been made to ensure the Notifier maintains stability even when subjected to excessive clipboard copy commands. The update prevents freezing, ensuring smooth functionality when clipboard filtering policies are active on Ubuntu 22.04 with recent client versions. |
380341 | 00435758 |
| CAP | Correction for CAP Report Item Count Accuracy An update has been applied to accurately reflect item counts in CAP reports, ensuring reported logs match the set policy criteria. This resolves discrepancies where fewer items appeared than expected, aligning displayed counts with actual detection results. |
380525 | 00427620 |
| CAP | Reduction of False Positives for Rippling.com Enhancements have been made to CAP policy configurations to significantly reduce false positive threat reports while browsing rippling.com. Adjustments improve the accuracy of detection for personal and sensitive data, ensuring more reliable results. |
380588 | |
| CAP | Improved Regex Support for International Characters This enhancement ensures that content with international symbols, such as Chinese characters, is accurately matched against defined regular expressions, addressing customer concerns. |
382013 | 00440150 |
| CAP | Resolution for Google Meet Performance Issues on macOS Enhancements have been made to address performance issues in Google Meet sessions on macOS, ensuring smooth connectivity and functionality for video and audio. |
382020 | 00429561 |
| CAP | Resolution for Slowness in WebStorm Application Adjustments have been made to CAP policy settings to address slowness experienced in WebStorm and PyCharm applications. The issue was linked to the network share exit point; modifying these settings ensures normal application performance without compromising functionality. |
385321 | 00437363 |
| CAP | Printing Delay Issue Resolved in Special Browser Pages Fixed a printing delay issue where the “Block Print from Browsers” feature caused hangs when printing from special Chrome pages. This update ensures prompt printing on Windows with Edge or Chrome browsers. |
388233 | 00445778 |
| DPI | Reduction of DPI False Positives Related to Cloudflare The update refines DPI scanning to reduce false positives when browsing websites utilizing Cloudflare security measures like bot detection and CAPTCHA. It ensures more accurate monitoring, preventing unnecessary reports during routine navigation on various websites. |
384498 | |
| DPI | Enhancement to DPI with “Intercept VPN Traffic” Capability on macOS Addressed a limitation where DPI with “Intercept VPN Traffic” could not inspect network traffic for unsigned applications run from non-standard locations on macOS due to sandboxing restrictions. The update improves DPI’s ability to better manage applications launched from non-standard directories, though it may still face challenges without full permissions. Users are encouraged to maintain standard application paths to ensure proper functionality. |
||
| DPI | Improved Enforcement for DPI Restricted Apps The update strengthens DPI controls by ensuring that the “Bypass DPI Certificate Rejection by Third-Party Applications” setting does not apply to DPI-restricted apps like Git. This enhancement prevents unauthorized uploads to Git repositories with untrusted certificates, aligning functionality with CAP policies to consistently restrict intended operations. |
369796 | 00430839 |
| DPI | Reduction of False Positives in Google Meet Sessions This update refines DPI functionality to prevent false positive alerts during Google Meet WebRTC sessions, ensuring accurate detection and reducing unnecessary noise in CAP policies configured for Brazil PII. |
378052 | 00423343 |
| DPI | Enhanced Scanning of File Uploads to m365.cloud.microsoft The update improves DPI capabilities to scan and assess files uploaded to m365.cloud.microsoft, specifically targeting requests to graph.microsoft.com with URIs containing /drive/. This enhancement ensures sensitive data is detected and appropriately blocked during uploads from the HOME page, refining CAP policy enforcement for browser-monitored activities. |
384336 | 00442443 |
Known Limitations
| Component | Description | Case # | Escalation # |
|---|---|---|---|
| General | In newer Linux Ubuntu versions, the default installation of the ‘snap’ application for file access events in xdg Desktop portals is not supported by EPP Client. This may lead to unexpected behavior in File Tracing, File Shadow, CAP, and DPI due to missing file access events. | EPP-8735 | EPPSUPPORT-3198 |
| Device Control | Despite denying Bluetooth, Webcam, and iPhone access on macOS endpoints, the Continuity Camera issue persists in applications like Slack, Zoom, FaceTime, and Photo Booth, where the camera is not correctly blocked. | EPP-8781 EPP-6826 | |
| Content Aware Protection | Clipboard operations may not always be captured accurately by MacOS CAP OCR | EPP-8651 | |
| Content Aware Protection | File Shadow downloads are affected by incorrect MD5 hashes in Endpoint Protector Clients’ event logs, causing artifacts to fail downloading with a “File Not Found” error. Upgrade EPP clients to 5.9.1.0+ (Windows: 5.9.1.7+; macOS: 2.8.1.4+; Linux: 2.1.0.3+) before updating the EPP server to versions 5.7.1.0 or 5.9.1.0+. | 320097, 320221 | |
| Content Aware Protection | On certain Linux environments, particularly those using the Wayland protocol by default, paste control is constrained due to Wayland’s inability to detect the focused window, resulting in content blocking during the copy operation. | EPP-8510 | |
| Content Aware Protection | File Shadow downloads from AWS S3 buckets, with concurrent File Tracing and CAP activation, may result in inconsistent behavior, displaying artifacts deleted in File Tracing reports but still available in CAP reports, and vice versa. | 320213, EPP-9023 | |
| Endpoint Protector Client | With the release of EPP Client version 5.9.4.1, support for Windows XP, 7, 8, early builds of Windows 10, and Windows Server 2016 has been discontinued. To maintain EPP coverage on these systems, customers should continue using EPP Client version 5.9.4.0. Please note that no new features or fixes will be backported to this release. | 438053 | |
| Endpoint Protector Client | False Positive Generation on Ubuntu with Firefox Browsers For Ubuntu versions 18.04, 20.04, 22.04, and 24.04, when using Firefox browsers to navigate through files, the EPP Client may generate false positives. |
367650 | 00433696, 00427782 |
Upcoming Depreciations
| Component | Description | Case # | Targeted Release |
|---|---|---|---|
| General | Reporting V1 will be discontinued in future updates, and users should migrate to Reporting V2 beginning with EPP version 5.7 and beyond. | EPP-8532 | 5.9.5.0 |
| General | Backup V1 will be discontinued in future updates, and users should transition to Backup V2 starting from EPP version 5.9.0.0 and above. | EPP-8535 | 5.9.5.0 |
| General | DHCP Client support in EPP server will be phased out in upcoming updates; transition to static IP for stability is recommended. | EPP-8586 | 5.9.5.0 |
| General | Contextual Detection under SYSTEM PARAMETERS will be discontinued in future updates and replaced by ‘Context Detection Rules’ in the ‘Content Detection Summary’ section of CAP Policies. | EPP-8941 | 5.9.6.0 |
| General | The File Shadow Maintenance feature, which provides functionality for listing and managing File Shadows stored locally on the EPP Server will be discontinued in future. | 5.9.6.0 | |
| General | Change in EPP Server Patch Delivery EPP is transitioning to provide EPP Server patches exclusively as Offline patches. Future releases will discontinue LiveUpdate patches, and related options will be removed from the interface to streamline the update process. |
378739 | 5.9.5.0 |
Need help with this update?
There are many different ways to get help with our products!
| Situation | Action |
|---|---|
| If you feel the product is broken and not working as intended… | Contact Support |
| If you have a question you’d like to ask other experts… | Create a discussion in the community: Endpoint Protector > Discussions & Questions |
| If you have a feature request… | Let our product team know directly: Endpoint Protector > Ideas |
| If you have something cool to show… | Show everyone what you built: Endpoint Protector > Show & Tell |
What are your thoughts?
We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!
