What's new

Update 12.6

Kaspersky Endpoint Security 12.6 for Windows offers the following features and improvements:

  1. The functionality for integration with Kaspersky SIEM solutionKaspersky Unified Monitoring and Analysis Platform (KUMA) – has been added. It is now possible to send events from Windows event logs to KUMA collector. This allows KUMA to receive Windows events (a limited set of EventIDs is supported) from all computers on which Kaspersky Endpoint Security is installed, without installing KUMA agents on these computers.
  2. A new System Integrity Monitoring component was added to replace the File Integrity Monitor component. System Integrity Monitoring component includes all functionality of File Integrity Monitor and additionally allows to monitor registry changes and connection of external devices. The System Integrity Monitoring component monitors changes in the operating system that may indicate computer security breaches. When such changes are detected, Kaspersky Endpoint Security generates corresponding events and alerts the administrator. File Integrity Monitor is no longer part of the application. File Integrity Monitor settings automatically migrate to System Integrity Monitoring when you update the application. To ensure correct operation of System Integrity Monitoring, both Kaspersky Endpoint Security application and management plug-in should be updated to version 12.6.
  3. The status of the installed built-in EDR agent (KATA) has been added to the computer properties in the Kaspersky Security Center console. Now, if you have a built-in EDR agent (KATA) installed, the Endpoint Sensor status column displays the current status of the component (e.g., Running, Stopped, Not supported by license, etc.).
  4. The option to select predefined scan exclusions and trusted applications has been added. Predefined scan exclusions and trusted applications help to quickly configure the trusted zone when using the application on SQL servers, Microsoft Exchange servers, and System Center Configuration Manager. Such exclusions comprise, for example, MDF and LDF database files. Exclusions can be added when creating a new policy, modifying an existing policy, or when installing Kaspersky Endpoint Security.
  5. The display of alert details for Kaspersky Endpoint Detection and Response Optimum has been moved from the Kaspersky Endpoint Security management plug-in to a separate Kaspersky Endpoint Detection and Response management plug-in. The EDR management plugin is a single plugin for working with agents on Windows, Mac and Linux operating systems. Now, when working with EDR Optimum, you will need Kaspersky Endpoint Security management plug-in to create threat response tasks and EDR management plug-in to view alert details.
  6. Support for Windows 11 24H2.
  7. When developing this version of Kaspersky Endpoint Security for Windows, we incorporated the changes included in the following private patches: pf10048, pf10353, pf12106, pf12107, pf12108, pf13090, pf13100, pf15031, pf15034, pf15036, pf16021, pf16023, pf16029, pf17002.

Update 12.5

Kaspersky Endpoint Security 12.5 for Windows offers the following features and improvements:

  1. The option to configure telemetry exclusions has been added. Telemetry is a list of events that have occurred on the protected computer. Telemetry data is used by Kaspersky Anti Targeted Attack Platform (EDR) to monitor and protect the organization's IT infrastructure. Configuring telemetry exclusions allows to improve computer performance and to optimize data transmission to the Telemetry server.
  2. The interface of the application's trusted zone has been improved. Kaspersky Endpoint Security now hides trusted zone objects from the user if the administrator has prohibited the user from adding their own (local) scan exclusions and trusted applications. This prevents unauthorized access to the trusted zone by an intruder, increasing the level of computer security.
  3. The option to scan traffic for MyOffice Mail and R7-Office Organizer mail clients has been added. The Mail Threat Protection component now scans not only message attachments at download, but also sent and received messages.
  4. A new category of web resources Generative AI Tools has been added. You can configure access to websites from the new category using Web Control.
  5. Now you can select the location of a network packet rule in the Firewall list. The location of a network packet rule in the list determines its priority. In previous versions of the application, a new rule could only be added to the end of the list, after which you had to manually move the rule through the list to prioritize it. Now, when adding a rule, you can choose whether the rule should be placed at the beginning, at the end of the list, or next to the selected rule.
  6. In the rules of Kaspersky Endpoint Security components, now you can select users not only from Active Directory, but also from the list of users in Kaspersky Security Center. You can also enter local user account data manually. This possibility has been added for the rules of the following components: Application Control, Device Control, Web Control, Adaptive Anomaly Control and Log Inspection.
  7. The network attack detection report now includes a column with the MAC address of the attacking computer (the Network Threat Protection component). Now you can see the MAC address of the attacking computer in the report in addition to its IP address. This is helpful for incident investigation. Reports, containing the MAC address of the attacking computer, will also be available in the Kaspersky Security Center Linux console version 15.1 and higher.
  8. The level of computer protection requirements has been increased. The high protection level now requires enabling Protection of application services against external management. Check the security level indicator in the upper part of the policy window. If you have a medium or low security level, you can enable Protection of application services against external management in the security level indicator recommendation window.
  9. Support for new events of object detection when the application is running in the Endpoint Detection and Response Agent (EDR Agent) configuration has been added. These events were already supported in the [KES+built-in agent] configuration.
  10. When developing this version of Kaspersky Endpoint Security for Windows, we incorporated the changes included in the following private patches: pf9640, pf9830, pf9831, pf10047, pf10351, pf12102, pf12105, pf13084, pf13089, pf14040, pf14047, pf15026, pf15028, pf16013.

Update 12.4

Kaspersky Endpoint Security 12.4 for Windows offers the following features and improvements:

  1. Added new functionality to protect the connection of the computer to Kaspersky Security Center. New Administration Server connection protection task allows setting a password for connecting to a trusted server. This means that it is not possible to reconnect the computer and run commands from another server without this password.
  2. For the Password Protection component, the ability to select users manually and not only from Active Directory has been added. That is, you can manually specify a user name and password and assign access rights to Kaspersky Endpoint Security for this account. This way, you do not need to share your KLAdmin password with other users or create new Active Directory accounts to control access to the application.
  3. Support for Windows 11 23H2.

Update 12.3

Kaspersky Endpoint Security 12.3 for Windows offers the following features and improvements:

  1. Now you can install the application in the Endpoint Detection and Response Agent configuration. This configuration allows installing the application with a set of components required by Detection and Response solutions by Kaspersky: Kaspersky Managed Detection and Response, and Kaspersky Anti Targeted Attack Platform (EDR). You can install the application in this configuration alongside third-party solutions (for example, Dr.Web, Dallas Lock, ESET). This lets you use third-party infrastructure security tools alongside Detection and Response by Kaspersky.
  2. Kaspersky Endpoint Security operation with Bluetooth devices has been improved. Now you can configure exclusions and restrict access to all Bluetooth devices except input devices (wireless keyboards, mice, etc).
  3. The operation of Application Control component with the database of executable files has been optimized. Kaspersky Endpoint Security now automatically removes file information from the database if the file is deleted from the computer. This allows keeping the database up to date and saving Kaspersky Security Center resources.
  4. The level of computer protection requirements has been increased. The high protection level now requires enabling Password protection. Check the security level indicator in the upper part of the policy window. If you have a medium or low protection level, you can enable Password protection in the security level indicator recommendation window.
  5. HTTPS protocol support has been added to enable the application to work with Kaspersky Security Network. Enable HTTPS usage in the Administration Server properties in the KSN proxy server settings.

Update 12.2

Update 12.1

Update 12.0

Update 11.11.0

Update 11.10.0

Update 11.9.0

Page top