Secure Endpoint Agent 11.0 release notes

If automatic agent updates are disabled, you can assign an agent version to your account's Windows and Mac devices to prevent agent upgrades.

To determine if you want to assign agent version 11.0, review this topic to learn about the improvements included in this version of the Secure Endpoint Agent.

To learn about all features, enhancements, and fixes introduced in Secure Endpoint 11.0, see the Secure Endpoint 11.0 release notes.

About the Secure Endpoint Agent

The Secure Endpoint Agent is a small software client that resides on devices that are managed in the Secure Endpoint Console. After the agent is initially installed on a new device, it's activated with the first connection to the Absolute Monitoring Center.

Each agent package includes software specific to its supported operating system, including the agent and its associated agent components, an installer, and a readme file.

System requirements

Secure Endpoint Agent 11.0 supports devices running the following operating systems:

Operating system	Supported versions
Windows	Windows 11 Home Windows 11 Pro Windows 11 Enterprise Windows 11 IoT Enterprise editions Windows 11 SE Note that due to restrictions imposed by Microsoft, the following features aren't supported on Windows 11 SE: Application Resilience: applications that require PowerShell for health checks, unless otherwise noted Custom Data: data points that use PowerShell scripts Reach Scripts: all PowerShell scripts Windows 11 ARM-based devices are supported. Windows Server 2022 Datacenter Edition Note that the following features aren't supported on Windows Server 2022 Datacenter Edition: The detection of installed anti-malware applications Device Wipe Geolocation tracking Playbooks (Absolute Rehydrate)
Mac	macOS 14, 15, and 26

Operating system

Supported versions

Windows

Windows 11 Home
Windows 11 Pro
Windows 11 Enterprise
Windows 11 IoT Enterprise editions
Windows 11 SE

Note that due to restrictions imposed by Microsoft, the following features aren't supported on Windows 11 SE:

Application Resilience: applications that require PowerShell for health checks, unless otherwise noted
Custom Data: data points that use PowerShell scripts
Reach Scripts: all PowerShell scripts

Windows 11 ARM-based devices are supported.

Windows Server 2022 Datacenter Edition

Note that the following features aren't supported on Windows Server 2022 Datacenter Edition:
- The detection of installed anti-malware applications
- Device Wipe
- Geolocation tracking
- Playbooks (Absolute Rehydrate)

Mac

macOS 14, 15, and 26

Latest agent component versions

The following agent components are associated with Secure Endpoint Agent 11.0.0.0:

Agent or component	Windows version	Mac version
Core agent The core agent (also known as rpcnet) is a small software client that resides in devices that are managed in the Secure Endpoint Console. After the core agent is initially installed on a new device, it is activated with its first connection to the Absolute Monitoring Center and the device is enrolled in Absolute. The core agent then makes scheduled connections every 24.5 hours. (rpcnet)	8.6006.0.1245	7002
Component manager The component manager (also known as CTES) is installed on top of the core agent and manages the agent components responsible for initiating device actions and collecting device data. Most agent components are controlled by policies, such as the Hardware and Installed Applications policies. The component manager typically connects to the Absolute Monitoring Center every 15 minutes, at a minumum, to send device data and receive instructions. (CTES)	1.0.0.4045	1.0.0.4045
Anti-Malware (AVP)	1.0.13.19	1.0.11.39
Application Resilience (RAR)	7.16.1.17	N/A
Custom Data (CDC)	1.0.13.56	N/A
Data Discovery (DARAgent)	11.0.0.6	11.0.0.10
Device Usage (DUR)	1.0.10.13	1.0.8.24
End User Messaging (EUM)	1.0.5.20	1.0.4.9
File Delete (SDD)	1.0.9.20	1.0.9.8
Freeze (DFZ)	1.0.9.46	1.0.5.18
Full-Disk Encryption (ESP)	1.0.11.18	1.0.10.24
Geolocation (GEO)	1.0.15.34	1.1.2.49
Hardware (HDP)	2.0.17.25	1.0.13.21
Installed Applications (SNG)	1.0.16.97	1.0.12.26
Manage Supervisor Password and Playbooks (PER)	1.0.7.59	N/A
Reach Script (ANS)	1.0.5.15	1.0.7.5
Web Usage (WMA)	11.0.1.2	N/A
Wipe (SDW)	1.0.8.19	1.0.4.5

You can view the version number of a device's core agent and component manager on its Details > Summary page.

Agent improvements and fixes

Version 11.0 of the Secure Endpoint Agent includes improvements and fixes to the following agent components:

Component	Component version	Fixes and improvements
Windows
Anti-Malware (AVP)	1.0.13.19	Security improvements.
Application Resilience (RAR)	7.16.1.17
Component manager (CTES)	1.0.0.4045
Custom Data Collector (CDC)	1.0.13.56
Data Discovery (DARAgent)	11.0.0.6
Device Usage (DUR)	1.0.10.13
Full-Disk Encryption (ESP)	1.0.11.18
Geolocation (GEO)	1.0.15.34
Hardware (HDP)	2.0.17.25	Stability, security, and logging improvements.
Installed Applications (SNG)	1.0.16.97	The SNG component has been updated to support scanning on Windows Server 2022. Fixed an issue where full scans could be significantly delayed on a device when no user was logged in after certain policy changes, causing SNG payloads to be missed for an extended period. Full scans are now scheduled correctly and payloads continue to be sent on a predictable cadence even when devices are not in active use. Fixed an issue where devices could experience frequent CPU spikes from the WmiPrvSE.exe process due to WMI polling. Performance, security, and logging improvements.
Manage Supervisor Password and Playbooks (PER)	1.0.7.59	Fixed an issue where BitLocker Drive Encryption, which was paused by the PER component, failed to resume encrypting the drive after the component had finished provisioning the device. Running a playbook on a device no longer suspends BitLocker. After a user-initiated Run playbook request is processed on a device, a new passcode is now automatically generated in preparation for the next request. Logging improvements.
Web Usage (WMA)	11.0.1.2	Security improvement.
Mac
Component manager (CTES)	1.0.0.4045	Security improvements.
Data Discovery (DARAgent)	11.0.0.10	Security improvement.
Device Usage (DUR)	1.0.8.24	For devices running macOS 14.8.2 or higher, the SSID is no longer missing or redacted in Lock and Unlock events reported on each device's Usage page. Security improvement.
Geolocation (GEO)	1.1.2.49	When the GEO component scanned a device following a device restart, the GEO payload may have failed to include the list of detected Wi-Fi access points, and no error was logged. This issue is now fixed.
Installed Applications (SNG)	1.0.12.26	Security improvement.