What's new

Update 11.7.0

Kaspersky Endpoint Security for Windows 11.7.0 offers the following new features and improvements:

The interface of Kaspersky Endpoint Security for Windows is updated.
Support of Windows 11, Windows 10 21H2 and Windows Server 2022.
Added new components:
- A built-in agent for integration with Kaspersky Sandbox was added. The Kaspersky Sandbox solution detects and automatically blocks advanced threats on computers. Kaspersky Sandbox analyzes object behavior to detect malicious activity and activity characteristic of targeted attacks on the IT infrastructure of the organization. Kaspersky Sandbox analyzes and scans objects on special servers with deployed virtual images of Microsoft Windows operating systems (Kaspersky Sandbox servers). For details about the solution, refer to the Kaspersky Sandbox Help.
  You no longer need Kaspersky Endpoint Agent in order to use Kaspersky Sandbox. Kaspersky Endpoint Security can perform all Kaspersky Endpoint Agent functions. To migrate Kaspersky Endpoint Agent policies, use the Migration Wizard. You need Kaspersky Security Center 13.2 for all of the functions of Kaspersky Sandbox to work. For details about the migrating from Kaspersky Endpoint Agent to Kaspersky Endpoint Security for Windows, please refer to the application help.
- Added the built-in agent to support the operation of the Kaspersky Endpoint Detection and Response Optimum solution. Kaspersky Endpoint Detection and Response Optimum is a solution for protecting the organization's IT infrastructure from advanced cyber threats. The functionality of the solution combines automatic detection of threats with the ability to react to these threats to counteract advanced attacks including new exploits, ransomware, fileless attacks, as well as methods using legitimate system tools. For more information about the solution, refer to the Kaspersky Endpoint Detection and Response Optimum Help.
  You no longer need Kaspersky Endpoint Agent in order to use Kaspersky Endpoint Detection and Response. Kaspersky Endpoint Security can perform all Kaspersky Endpoint Agent functions. To migrate Kaspersky Endpoint Agent policies and tasks, use the Migration Wizard. To use all the functions, Kaspersky Endpoint Detection and Response Optimum require Kaspersky Security Center 13.2. For details about the migrating from Kaspersky Endpoint Agent to Kaspersky Endpoint Security for Windows, please refer to the application help.
The Migration Wizard for Kaspersky Endpoint Agent policies and tasks was added. The Migration Wizard creates new merged policies and tasks for Kaspersky Endpoint Security for Windows. The wizard allows switching Detection and Response solutions from Kaspersky Endpoint Agent to Kaspersky Endpoint Security. Detection and Response solutions include Kaspersky Sandbox, Kaspersky Endpoint Detection and Response Optimum (EDR Optimum), and Kaspersky Managed Detection and Response (MDR).
Kaspersky Endpoint Agent, which is included in the distribution kit, is updated to version 3.11.
When upgrading Kaspersky Endpoint Security, the application detects the version and designated purpose of Kaspersky Endpoint Agent. If Kaspersky Endpoint Agent is designated for the operation of Kaspersky Sandbox, Kaspersky Managed Detection and Response (MDR) and Kaspersky Endpoint Detection and Response Optimum (EDR Optimum), Kaspersky Endpoint Security switches the operation of these solutions to the application’s built-in agent. For Kaspersky Sandbox and EDR Optimum, the application automatically uninstalls Kaspersky Endpoint Agent. For MDR, you can uninstall Kaspersky Endpoint Agent manually. If the application is designated for the operation of Kaspersky Endpoint Detection and Response Expert (EDR Expert), Kaspersky Endpoint Security upgrades the version of Kaspersky Endpoint Agent. For more details about the application, please refer to the documentation of Kaspersky solutions that support Kaspersky Endpoint Agent.
BitLocker encryption functionality improved:
- Enhanced PIN can now be used with BitLocker Drive Encryption. Enhanced PIN allows using other characters in addition to numerical characters: uppercase and lowercase Latin letters, special characters, and spaces.
- A feature to disable BitLocker authentication for upgrading the operating system or installing update packages was added. Installing updates may require restarting the computer multiple times. To install updates correctly, you can temporarily turn off BitLocker authentication and re-enable the authentication after installing updates.
- Now you can set an expiration time for BitLocker encryption password or PIN. When the password or PIN expires, Kaspersky Endpoint Security prompts the user for a new password.
Now you can configure the maximum number of keyboard authorization attempts for BadUSB Attack Prevention. When the configured number of failed attempts to enter the authorization code is reached, the USB device is temporarily locked.
Firewall functionality is improved:
- Now you can configure a range of IP addresses for Firewall packet rules. You can enter a range of addresses in IPv4 or IPv6 format. For example, 192.168.1.1-192.168.1.100 or 12:34::2-12:34::99.
- Now you can enter DNS names for Firewall packet rules instead of IP addresses. You should use DNS names only for LAN computers or internal services. Interaction with cloud services (such as Microsoft Azure) and other Internet resources should be handled by the Web Control component.
Web Control rule search improved. To search a web resource access rule, in addition to the name of the rule, you can use the URL of the website, a username, a content category, or a data type.
The Virus Scan task was improved:
- The Virus Scan task in idle mode was improved. If you have rebooted the computer during the scan, Kaspersky Endpoint Security automatically runs the task, continuing from the point where the scan was interrupted.
- The Virus Scan task was optimized. By default, Kaspersky Endpoint Security runs the scan only when the computer is idle. You can configure when the computer scan is run in task properties.
Now you can restrict user access to data provided by the Application Activity Monitor. Application Activity Monitor is a tool designed for viewing information about the activity of applications on a user's computer in real time. The administrator can hide the Application Activity Monitor from the user in application policy properties.
Improved the security of managing the application through the REST API. Now Kaspersky Endpoint Security validates the signature of requests sent via the REST API. To manage the program, you need to install a request identification certificate.

Update 11.6.0

Kaspersky Endpoint Security 11.6.0 for Windows offers the following features and improvements:

Support for Windows 10 21H1. For details about support for the Microsoft Windows 10 operating system, please refer to the Technical Support Knowledge Base.
The Managed Detection and Response component was added. This component facilitates interaction with the solution known as Kaspersky Managed Detection and Response. Kaspersky Managed Detection and Response (MDR) provides round-the-clock protection from a growing number of threats capable of bypassing automated protection mechanisms for organizations that have a difficult time finding highly qualified experts or have limited internal resources. For detailed information about how the solution works, please refer to the Kaspersky Managed Detection and Response Help.
Kaspersky Endpoint Agent, which is included in the distribution kit, has been updated to version 3.10. Kaspersky Endpoint Agent 3.10 provides new features, resolves some previous issues, and has improved stability. For more details about the application, please refer to the documentation of Kaspersky solutions that support Kaspersky Endpoint Agent.
It now provides the capability to manage protection against attacks such as Network Flooding and Port Scanning in Network Threat Protection settings.
Added new method of creating network rules for Firewall. You can add packet rules and application rules for connections that are displayed in the Network Monitor window. However, network rule connection settings will be configured automatically.
Network Monitor interface is now improved. Added the information about network activity: process ID, that initiate network activity; network type (local network or the Internet); local ports. By default, the information about network type is hidden.
There is now the capability to automatically create Authentication Agent accounts for new Windows users. The Agent allows a user to complete authentication for access to drives that were encrypted using Kaspersky Disk Encryption technology, and to load the operating system. The application checks information about Windows user accounts on the computer. If Kaspersky Endpoint Security detects a Windows user account that has no Authentication Agent account, the application will create a new account for accessing encrypted drives. This means that you do not need to manually add Authentication Agent accounts for computers with already encrypted drives.
There is now the capability to monitor the disk encryption process in the application interface on users' computers (Kaspersky Disk Encryption and BitLocker). You can run the Encryption Monitor tool from the main application window.

Update 11.5.0

Kaspersky Endpoint Security 11.5.0 for Windows offers the following features and improvements:

Support for Windows 10 20H2. For details about support for the Microsoft Windows 10 operating system, please refer to the Technical Support Knowledge Base.
Updated application interface. Also updated the application icon in the notification area, application notifications, and dialog boxes.
Improved interface of the Kaspersky Endpoint Security web plug-in for the Application Control, Device Control, and Adaptive Anomaly Control components.
Added functionality for importing and exporting lists of rules and exclusions in XML format. The XML format allows you to edit lists after they are exported. You can manage lists only in the Kaspersky Security Center Console. The following lists are available for export/import:
Object MD5 information was added to the threat detection report. In previous versions of the application, Kaspersky Endpoint Security showed only the SHA256 of an object.
Added capability to assign the priority for device access rules in Device Control settings. Priority assignment enables more flexible configuration of user access to devices. If a user has been added to multiple groups, Kaspersky Endpoint Security regulates device access based on the rule with the highest priority. For example, you can grant read-only permissions to the Everyone group and grant read/write permissions to the administrators group. To do so, assign a priority of 0 for the administrators group and assign a priority of 1 for the Everyone group. You can configure the priority only for devices that have a file system. This includes hard drives, removable drives, floppy disks, CD/DVD drives, and portable devices (MTP).
Added new functionality:
- Manage audio notifications.
- Cost-Aware Networking Kaspersky Endpoint Security limits its own network traffic if the Internet connection is limited (for example, through a mobile connection).
- Manage Kaspersky Endpoint Security settings via trusted remote administration applications (such as TeamViewer, LogMeIn Pro and Remotely Anywhere). You can use remote administration applications to start Kaspersky Endpoint Security and manage settings in the application interface.
- Manage the settings for scanning secure traffic in Firefox and Thunderbird. You can select the certificate storage that will be used by Mozilla: the Windows certificate storage or the Mozilla certificate storage. This functionality is available only for computers that do not have an applied policy. If a policy is being applied to a computer, Kaspersky Endpoint Security automatically enables use of the Windows certificate storage in Firefox and Thunderbird.
Added capability to configure the secure traffic scan mode: always scan traffic even if protection components are disabled, or scan traffic when requested by protection components.
Revised procedure for deleting information from reports. A user can only delete all reports. In previous versions of the application, a user could select specific application components whose information would be deleted from reports.
Revised procedure for importing a configuration file containing Kaspersky Endpoint Security settings, and revised procedure for restoring application settings. Prior to importing or restoring, Kaspersky Endpoint Security shows only a warning. In previous versions of the application, you could view the values of the new settings before they were applied.
Simplified procedure for restoring access to a drive that was encrypted by BitLocker. After completing the access recovery procedure, Kaspersky Endpoint Security prompts the user to set a new password or PIN code. After setting a new password, BitLocker will encrypt the drive. In the previous version of the application, the user had to manually reset the password in the BitLocker settings.
Users now have the capability to create their own local trusted zone for a specific computer. This way, users can create their own local lists of exclusions and trusted applications in addition to the general trusted zone in a policy. An administrator can allow or block the use of local exclusions or local trusted applications. An administrator can use Kaspersky Security Center to view, add, edit, or delete list items in the computer properties.
Added capability to enter comments in the properties of trusted applications. Comments help simplify searches and sorting of trusted applications.
Managing the application through the REST API:
- There is now the capability to configure the settings of the Mail Threat Protection extension for Outlook.
- It is prohibited to disable detection of viruses, worms, and Trojans.

Update 11.4.0

Page top