Known issues in the Windows agent

Note: Before you upgrade from agent version 2.x to 3.1 or later, first upgrade to 3.0.1005. From 3.0.1005, you can upgrade to 3.3 or a more recent version. For details about the upgrade paths for each version, see the upgrade path information.

Items marked with an asterisk (*) were added in the latest release.

* If a device is running Aurora Protect Agent version 3.3 or earlier and is unregistered from the console, and Aurora Focus 3.4 is installed on the device and the device is rebooted, the upgrade to Protect Agent 3.4 is not successful. (EPP-6516, EPP-6515)

Workaround: After installing Aurora Focus 3.4, don't reboot the device before upgrading to Aurora Protect 3.4.

* On devices running Windows 11 22H2, 23H2, or 24H2 with Protect Agent 3.4, an application error occurs when you restart or shut down the device. The error is logged to the event viewer. The agent runs as expected. (EPP-6492)

* When you attempt to install Protect Agent 3.4 using Setup.exe on an unsupported OS version, the attempt appears as an application error in the event viewer, even though the installation was expected to be unsuccessful. (EPP-6446)

* After upgrading to Protect Agent 3.4, the start menu lists the application as CylancePROTECT instead of Aurora Protect. (EPP-6431, EPP-6341)

* After upgrading the Protect Agent from version 3.1 to 3.4, if you uninstall the agent, the C:\Program Files\Cylance\Desktop folder remains on the device. (EPP-6406)

* Proxy configuration through the Windows OS settings is not a supported configuration method, even though it may have behaved properly with agent version 3.3 and earlier. Starting with Protect Agent 3.4, you must configure the proxy settings using the registry key. (EPP-6339)

* After installing or upgrading to Protect Agent 3.4 from version 3.0 or earlier, the uninstallation is unsuccessful. (EPP-6327)

Workaround: Restart the device and try again.

* On Windows devices running Protect Agent version 3.3 or 3.4, the file manifest cannot be downloaded. (EPP-5345)

After upgrading to a version of Aurora Protect Desktop later than 3.0, if a process that's in the exclusion list is run from a network share, a system bug check might occur. (EUS-1732)

When running Aurora Protect Desktop 3.1, PS/nVision software stops responding if script control is turned on and set to Alert in the device policy. When using it with Microsoft Excel, Excel might eventually stop responding too. (EUS-1653)

Workaround: Add the following memory protection exclusions:

  • /bin/client/winx86/psnvs.exe
  • C:\program files\microsoft office\office16\excel.exe

Aurora Protect Desktop might not successfully block Microsoft Excel files that are infected with Kangatang or Laroux viruses even though the Dangerous VBA Macros policy is turned on. (EUS-1465)

The script control policy for XLM macros is not enforced if Excel Trust Center > Macro Settings is set to "Enable VBA macros". (EUS-1065)

Workaround: Verify that one of the "Disable VBA macros" options is selected.

When you try to launch Microsoft Visual Studio 2022, several System DLL Overwrite violations are reported and Visual Studio does not launch as expected. (EPP-2312)

Workaround: In the device policy, add an exclusion to ignore "System DLL Overwrite" violations for devenv.exe that is located in the installation folder of Visual Studio 2022. For example, set the exclusion to ignore "System DLL Overwrite" violations at \Program Files\Microsoft Visual Studio\2022\Professional\Common7\IDE\devenv.exe. The installation path may differ between editions and locales.

If you assign a device policy with script control set to "Block" but allow PowerShell console usage, scripts run from the PowerShell console are blocked. (CHP-8409)

On the Script tab of the Windows agent, the command line display in the tooltip for a long PowerShell script shows duplicated and overwritten information. (CHP-8349)

The Endpoint Defense service may intermittently get stuck in a “StopPending” state when cycling between a stopped and running state. (CHP-7174)

When "System DLL Overwrite" is enabled in the memory protection policy, using AutoCAD 2022 (S.51.0.0) and trying to log in to an AutoCAD account triggers a memory protection event. (COM-3896)

Workaround: Add a memory protection exclusion for AutoCAD for the System DLL Overwrite violation type.