Secure Endpoint Agent 11.0 release notes

If automatic agent updates are disabled, you can assign an agent version to your account's Windows and Mac devices to prevent agent upgrades.

To determine if you want to assign agent version 11.0, review this topic to learn about the improvements included in this version of the Secure Endpoint Agent.

To learn about all features, enhancements, and fixes introduced in Secure Endpoint 11.0, see the Secure Endpoint 11.0 release notes.

About the Secure Endpoint Agent

The Secure Endpoint Agent is a small software client that resides on devices that are managed in the Secure Endpoint Console. After the agent is initially installed on a new device, it's activated with the first connection to the Absolute Monitoring Center.

Each agent package includes software specific to its supported operating system, including the agent and its associated agent components, an installer, and a readme file.

Secure Endpoint Agent 11.0 supports devices running the following operating systems:

Operating system Supported versions
Windows

  • Windows 11:

    • Windows 11 Home
    • Windows 11 Pro
    • Windows 11 Enterprise
    • Windows 11 IoT Enterprise editions
    • Windows 11 SE

      Note that due to restrictions imposed by Microsoft, the following features aren't supported on Windows 11 SE:

      • Application Resilience: applications that require PowerShell for health checks, unless otherwise noted
      • Custom Data: data points that use PowerShell scripts
      • Reach Scripts: all PowerShell scripts

    Windows 11 ARM-based devices are supported.

  • Windows 10:

    Microsoft ended its standard support for Windows 10 on October 14, 2025. If you’re enrolled in Microsoft’s Extended Security Updates (ESU) program, we’ll continue to support your Windows 10 devices. If you’re not enrolled, the Secure Endpoint Agent will continue to work as expected, but we recommend upgrading to Windows 11 for ongoing security updates and full feature support.

    • Windows 10 Home
    • Windows 10 Pro
    • Windows 10 Enterprise
    • Windows 10 IoT Enterprise editions

  • Windows Server 2022 Datacenter Edition

    Note that the following features aren't supported on Windows Server 2022 Datacenter Edition:

    • The detection of installed anti-malware applications

    • Device Wipe

    • Geolocation tracking

    • Playbooks (Absolute Rehydrate)
Mac
  • macOS 14, 15, and 26

The following agent components are associated with Secure Endpoint Agent 11.0.0.1:

Agent or component Windows version Mac version

Core agent The core agent (also known as rpcnet) is a small software client that resides in devices that are managed in the Secure Endpoint Console. After the core agent is initially installed on a new device, it is activated with its first connection to the Absolute Monitoring Center and the device is enrolled in Absolute. The core agent then makes scheduled connections every 24.5 hours. (rpcnet)

 8.6006.0.1245 7002

Component manager The component manager (also known as CTES) is installed on top of the core agent and manages the agent components responsible for initiating device actions and collecting device data. Most agent components are controlled by policies, such as the Hardware and Installed Applications policies. The component manager typically connects to the Absolute Monitoring Center every 15 minutes, at a minumum, to send device data and receive instructions.

(CTES)

 1.0.0.4054 1.0.0.4045

Anti-Malware

(AVP)

 1.0.13.19 1.0.11.42

Application Resilience

(RAR)

 7.16.1.17 N/A

Custom Data

(CDC)

 1.0.13.56 N/A

Data Discovery

(DARAgent)

 11.0.0.6 11.0.0.10

Device Usage

(DUR)

 1.0.10.13 1.0.8.26

End User Messaging

(EUM)

 1.0.5.20 1.0.4.9

File Delete

(SDD)

 1.0.9.20 1.0.9.8
Freeze
(DFZ)		 1.0.10.4

1.0.5.18

Full-Disk Encryption
(ESP)

 1.0.11.20 1.0.10.26

Geolocation

(GEO)

 1.0.15.34 1.1.2.57

Hardware

(HDP)

2.0.17.25

 1.0.13.38

Installed Applications

(SNG)

 1.0.16.97 1.0.12.27

Manage Supervisor Password and
Playbooks
(PER)

1.0.8.10

 N/A

Reach Script

(ANS)

 1.0.5.15 1.0.7.5

Web Usage

(WMA)

 11.0.1.2 N/A

Wipe

(SDW)

 1.0.8.19 1.0.4.5

You can view the version number of a device's core agent and component manager on its Details > Summary page.

Absolute for Chromebooks Extension: 2.6.6.5

You can view the version number of a device's Chromebook extension by adding the Core agent version column to a device report.

Agent improvements and fixes

  • Version 11.0.0.1
  • Version 11.0

Version 11.0.0.1 of the Secure Endpoint Agent includes improvements and fixes to the following agent components:

Component Component version Fixes and improvements
Windows

Component manager

(CTES)

 1.0.0.4054

  • The CTES component was updated to support the new System restart configuration for Playbooks policies. Learn more

Full-Disk Encryption

(ESP)

 1.0.11.20

  • Fixed an issue where a Windows Management Instrumentation (WMI) error during an ESP scan could cause some devices to appear as unencrypted even though they were still encrypted. When these WMI management exceptions occur, the scan is now halted and no encryption payload is generated, preventing an incorrect encryption status from being reported.
Freeze
(DFZ)		 1.0.10.4

  • The DFZ component was updated to support a new configuration for accounts that use Citrix for remote access. Learn more
Manage Supervisor Password and
Playbooks
(PER)		 1.0.8.10

  • The PER component was updated to support the new System restart configuration for Playbooks policies. Learn more
Mac

Anti-Malware

(AVP)

 1.0.11.42

  • The AVP component is now automatically restarted when the Secure Endpoint Agent detects that it is not running. This enhancement ensures that telemetry payloads are reliably sent immediately after device enrollment without requiring a manual reboot.

Device Usage

(DUR)

 1.0.8.26

  • To allow Wi-Fi information to be collected from a device, the DUR component was updated to ensure that the Absolute Secure Endpoint would like to use your current location prompt is shown to the device user as soon as the device is enrolled.

Full-Disk Encryption

(ESP)

 1.0.10.26

  • The ESP component is now automatically restarted when the Secure Endpoint Agent detects that it is not running. This enhancement ensures that telemetry payloads are reliably sent immediately after device enrollment without requiring a manual reboot.

Geolocation

(GEO)

 1.1.2.57

  • To allow Wi-Fi information to be collected from a device, the GEO component was updated to ensure that the Absolute Secure Endpoint would like to use your current location prompt is shown to the device user as soon as the device is enrolled.

  • Logging improvement.

Hardware

(HDP)

 1.0.13.38

  • To allow Wi-Fi information to be collected from a device, the HDP component was updated to ensure that the Absolute Secure Endpoint would like to use your current location prompt is shown to the device user as soon as the device is enrolled.

Installed Applications

(SNG)

 1.0.12.27

  • The SNG component is now automatically restarted when the Secure Endpoint Agent detects that it is not running. This enhancement ensures that telemetry payloads are reliably sent immediately after device enrollment without requiring a manual reboot.

Version 11.0 of the Secure Endpoint Agent includes improvements and fixes to the following agent components:

Component Component version Fixes and improvements
Windows

Anti-Malware

(AVP)

 1.0.13.19

  • Security improvements.

Application Resilience

(RAR)

 7.16.1.17

Component manager

(CTES)

 1.0.0.4045

Custom Data Collector

(CDC)

 1.0.13.56
Data Discovery
(DARAgent)		 11.0.0.6

Device Usage

(DUR)

 1.0.10.13

Full-Disk Encryption

(ESP)

 1.0.11.18

Geolocation

(GEO)

 1.0.15.34

Hardware

(HDP)

 2.0.17.25

  • Stability, security, and logging improvements.

Installed Applications

(SNG)

 1.0.16.97

  • The SNG component has been updated to support scanning on Windows Server 2022.

  • Fixed an issue where full scans could be significantly delayed on a device when no user was logged in after certain policy changes, causing SNG payloads to be missed for an extended period. Full scans are now scheduled correctly and payloads continue to be sent on a predictable cadence even when devices are not in active use.

  • Fixed an issue where devices could experience frequent CPU spikes from the WmiPrvSE.exe process due to WMI polling.

  • Performance, security, and logging improvements.
Manage Supervisor Password and
Playbooks
(PER)		 1.0.7.59

  • Fixed an issue where BitLocker Drive Encryption, which was paused by the PER component, failed to resume encrypting the drive after the component had finished provisioning the device.

  • Running a playbook on a device no longer suspends BitLocker.

  • After a user-initiated Run playbook request is processed on a device, a new passcode is now automatically generated in preparation for the next request.

  • Logging improvements.

Web Usage

(WMA)

 11.0.1.2

  • Security improvement.
Mac

Component manager

(CTES)

 1.0.0.4045

  • Security improvements.
Data Discovery
(DARAgent)		 11.0.0.10

  • Security improvement.

Device Usage

(DUR)

 1.0.8.24

  • For devices running macOS 14.8.2 or higher, the SSID is no longer missing or redacted in Lock and Unlock events reported on each device's Usage page.

  • Security improvement.

Geolocation

(GEO)

 1.1.2.49

  • When the GEO component scanned a device following a device restart, the GEO payload may have failed to include the list of detected Wi-Fi access points, and no error was logged. This issue is now fixed.

Installed Applications

(SNG)

 1.0.12.26

  • Security improvement.