Product release information for VIPRE Cloud Agent for Windows version 13.4.8857 Early Access, released on 2026 March 09.

What's New

This release of the VIPRE Cloud Agent for Windows version 13.4 represents a significant architectural step forward, focusing on modernizing our network protection stack and refining the agent’s footprint to ensure maximum performance without compromising security.

Modernized Network Stack & Stream-Based Inspection

At the heart of version 13.4 is a transition to a completely updated network inspection engine. This foundation allows us to move beyond legacy system hooks to focus on proactive, real-time analysis. This shift significantly enhances how we handle Web Protection (HTTP/HTTPS), DNS Protection, and Web Access Control.

Full Replacement of Legacy Extensions: With the introduction of advanced stream-based inspection, we have fully removed legacy browser extensions. Web protection is now handled directly at the network layer, providing a consistent, browser-agnostic security experience. This ensures protection across all browsers without the need to manage individual add-ons.

MITM for Encrypted Traffic: New policy options allow the agent to perform HTTPS (Man-in-the-Middle) inspection. This allows the agent to look inside encrypted traffic to catch malicious URLs and hidden content that previously evaded detection.

To enable Man-in-the-Middle (MITM) for Encrypted Traffic:

1. In your policy, select the Web/DNS Protection and scroll down to Web Protection
2. Ensure the Intercept encrypted traffic using MITM option is checked

Network Attack Protection

As a centerpiece of our new engine, we have introduced highly granular controls for Network Attack Protection (located under Policies > Web/DNS Protection).

• Granular Response Control: Administrators can now choose between "Report" and "Block" modes independently for different threat types
• Silent Enforcement: These actions can be performed without triggering user notifications, ensuring security protocols are enforced seamlessly without interrupting the end user's workflow or "flow"

To enable Network Attack Protection:

1. In your policy, select the Web/DNS Protection tab and ensure the Enable Network Attack Protection checkbox is selected
2. From there, select if you want to Block or Report only each category
3. Enhanced Detections: Enable this for optimal security coverage; to avoid false positives from legitimate network tools, utilize domain exclusions or disable the tool's internal vulnerability scanning
4. Inspect Encrypted Domain Controller Traffic: Enable this to detect potential threats by monitoring incoming server traffic, providing critical visibility into encrypted SMB, RPC, and Kerberos communications

Catching "Fileless" Attacks: Event-Driven Runtime Scanning

A major leap forward from legacy technology, our new Event-Driven Runtime Protection utilizes advanced heuristics to analyze activity the second it happens. This is specifically designed to catch "fileless" attacks—sneaky, script-based threats that often bypass traditional signature-based systems.

New policy options for 13.4+ agents allow you to proactively block suspicious processes by analyzing:

• Executable Launch: Inspection at the exact moment of startup to stop threats before initialization.
• Command-Line Arguments: Identifying malicious patterns in the arguments passed to processes.
• In-Memory Behavior: Monitoring live memory activity and triggering blocks the moment suspicious behavior is detected.

Smarter, Leaner, and More Efficient

We’ve cleared out legacy components to ensure version 13.4 provides a higher level of protection with a significantly reduced impact on system resources.

• Retired Legacy Engines: We have retired outdated complexity, including older HIPS, SMTP Email protection, and IDS modules. This creates a more agile agent that focuses its energy on a modern security framework rather than legacy overhead.

Professional Control & Self-Defense

• Bolstered Self-Defense: We have reinforced our uninstall protection to defend the agent against unauthorized attempts to remove it—verifying that Uninstall Protection is enabled in all of your active policies is essential to maintaining a hardened security posture.
• EDR Incident Exclusions: For EDR and EDR+MDR subscribers, we are introducing Incident Exclusions. This provides surgical control to reduce false positives and "noise" while keeping your critical defenses active and unhampered. It is important to note that Incident Exclusions apply only to detections that originate from the EDR engine. Incidents triggered by other security components will still be reported and will not be excluded. 

Use Case: During a routine system backup, an automated script executed a registry dump using reg.exe, triggering a security incident. After reviewing the alert and confirming the action was safe and necessary, the administrator creates an Incident Exclusion specifically for the reg.exe process name. Thanks to this exclusion, future runs of the backup script execute smoothly without generating any new, noisy alerts in the system.

To add an EDR Incident Exclusion, perform the following steps within the VIPRE web console:

1. Navigate to MANAGE > Exclusions, then click Incidents 
2. Click Add Exclusion List in the top right corner
3. Name your custom exclusion list and click Next
   1. In this example, we've named our list EDR Incidents 
4. On the Rules tab, you'll see two options: Freeform and Builder
   1. 📌Pro-tip: Be as specific as possible—e.g., when looking at INVESTIGATE > Incidents, you can examine the Root Cause Analysis to identify the trigger node (the specific event that caused the incident) and determine the most specific exclusion criteria, like process path, process name, command line, etc. 

5. If using Freeform, click in the text box and select your criteria 

   

6. If using Builder, click the + to select Add Rule or Add Group 

   

   1. Select your criteria from the dropdown
   2. Choose Equals, Does Not Equal, or Starts With
   3. Type (or paste) the details as required
7. Click Add
8. Click Scope

9. Select Site or Policy
   1. 📌Pro-tip: Use Site when the exclusion should apply to every device; use Policy when the exclusion is intended for specific agents or policies—creating an exclusion with scope set to Policy without actually assigning it a policy will result in the exclusion list not being active
   2. To associate a policy with your Exclusion List, click Edit Policy Associations
   3. You will see a pop-up that allows you to choose which policies you want to associate with your Exclusion List
   4. Once you select the desired policies, click Update 
10. Finally, click Create in the top right corner to save your new Incident Exclusions list

Fixed Issues

Beyond new features, 13.4 brings essential stability improvements to ensure your infrastructure runs smoothly:

• Hyper-V Reliability: Agent updates on Hyper-V hosts previously could cause failures on Guest VMs
• OS Identification: Certain operating systems were not being reported properly by the agent, often appearing as legacy versions
• Firewall Accuracy: Advanced firewall rules were occasionally failing to correctly block specified ports for applications like WhatsApp
• Upgrade Continuity: Agent configuration files are now fully preserved during upgrades (beginning with 13.4+), preventing configuration loss or the creation of duplicate device listings
• EDR Incident Reporting: EDR Incidents occasionally contained destination and source IPs written in reverse, which has now been corrected for more accurate forensic analysis

System Requirements

You can view the latest System Requirements here.

Special Instructions

Custom Build Codes

We occasionally provide Custom Build Codes to grant early access to upcoming agent releases. These builds are typically used to test new features or verify fixes for specific issues before they reach General Availability (GA). Use the table below to find a custom build code.

Update

2026 March 09: VIPRE Cloud Agent for Windows version 13.4.8857 Early Access is available with a custom build code below.

 

Build	Custom Build Code
VIPRE Cloud Agent for Windows v13.4.8857 Early Access	464F48CBEA5A08F6DA081B7D4056FB8C

Step 1: Retrieve the Build

The following steps assume you are already logged in to your VIPRE Cloud web console.

1. Navigate to SETUP > Deploy Agents

1. On the right side of the window, under Retrieve Custom Build, click the button that says Enter Build Code
2. Enter the build code that was provided to you and select Retrieve

Once the Custom Build agent is retrieved, it will appear under the current version.

Step 2: Deploy to Devices

There are two options to deploy the agent once you have the custom build.

Option 1: Update Devices (Strongly Recommended)

Use this method to remotely update agents that are already installed on your endpoints. This is the fastest and most efficient way to test a new build on existing machines.

1. Next to the Custom Build, click Update Devices
2. Select the checkboxes next to the endpoints you would like to update to this custom build
   • We recommend starting with your dedicated test machines
3. Click Update Selected—a remote task is sent to the selected agents to perform the update

Option 2: Create Policy Installer (Fresh Installs Only)

This is more of a manual installation option, allowing you to create a policy-based MSI file for individual endpoints. This is only recommended for fresh installations on devices that do not currently have a VIPRE agent.

1. Next to the Custom Build, click Create Policy Installer
2. Select your desired policy, then click Select
3. Allow some time for the policy-specific agent installer to be created, then click Download Installer

Your browser will then download the vipre_private_agent_yoursitename_yourpolicyname_versionnumber.msi file. Use your preferred method to get this MSI file to the endpoints you've chosen for installation.

Congrats! You have successfully retrieved and installed a custom agent build.