[Solved] Support of Windows 10, Windows Server 2016 and Windows Server 2019 in Kaspersky Endpoint Security - BEST Antivirus KBS : Largest Anti-Malware Knowlegde Base and Support

Kaspersky Endpoint Security for Windows supports the following editions of Microsoft Windows 10:

Microsoft Windows 10 Pro/Enterprise	Kaspersky Endpoint Security
Microsoft Windows 10 Pro/Enterprise	10 SP1 MR2 10.2.4.674	10 SP1 MR3 10.2.5.3201	10 SP1 MR4 10.2.6.3733	10 SP2, 10 SP2 MR1 10.3.0.6294	10 SP2 MR2 10.3.0.6294	10 SP2 MR3 10.3.3.275 10 SP2 MR4 10.3.3.304	11.0.0.6499	11.6.0.394, 11.5.0.590, 11.4.0.233, 11.3.0.773, 11.2.0.2254 CF 1, 11.2.0.2254, 11.1.1.126, 11.1.0.15919, 11.0.1.90
May 2021 Update (21H1)					limitations	limitations		limitations
October 2020 Update (20H2, version 2009)					limitations	limitations		limitations
May2020 Update (20H1, version 2004)					limitations	limitations		limitations
November2019 Update (19H2, version 1909)			limitations		limitations	limitations	limitations	limitations
May 2019 Update (19H1, version 1903)			limitations		limitations	limitations	limitations	limitations
October 2018 Update (Redstone 5, version 1809)		limitations	limitations		limitations	limitations	limitations	limitations
April 2018 Update (Redstone 4, version 1803)		limitations	limitations		limitations	limitations	limitations	limitations
Fall creators Update (Redstone 3, version 1709)		limitations	limitations	limitations	limitations	limitations	limitations	limitations
Creators Update (Redstone 2, version 1703)		limitations	limitations	limitations	limitations	limitations	limitations	limitations
Anniversary Update (Redstone 1, version 1607)		limitations	limitations	limitations	limitations	limitations	limitations	limitations
Fall Update (TH2, version 1511)	limitations
Release (TH1, version 1507)
Microsoft Windows Server
Version 2019		limitations	limitations		limitations	limitations	limitations	limitations
Version 2016		limitations	limitations	limitations	limitations	limitations	limitations	limitations

Support of Microsoft Windows 10 May 2021 Update (21H1)

Kaspersky Endpoint Security 11.6.0, 11.5.0, 11.4.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
Taking screenshots in the Host Intrusion Prevention component (Application Control Rules → Rights) is not supported for 32-bit and 64-bit operating systems.

Limitations of updating the operating system on computers with KES 11.6.0, 11.5.0, 11.4.0 installed:

If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.3.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES 11.3.0 installed:

If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.2.0 and Critical Fix 1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES11.2.0 and 11.2.0 Critical Fix 1 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.1.1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES 11.1.1 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.1.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Limitations of updating the operating system on computers with KES11.1.0 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.0.1, Kaspersky Endpoint Security 10 SP2MR4, SP2MR3

Limitations:

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
File Level Encryption (FLE) is not supported.
The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
For 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Limitations of updating the operating system on computers with KES 11.0.1, KES10 SP2MR4, SP2MR3 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4), Windows 10 October 2018 Update (Redstone 5), Windows 10 May 2019 Update (19H1), Windows 10 November 2019 Update (19H2), Windows 10 May 2020 Update (20H1), Windows 10 October 2020 Update (20H2) is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after updating the operating system.
After updating the operating system, the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 10 SP2MR2

Limitations:

The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
On Hyper-V virtual machines, the system may stop responding if the computer switches off or enters hibernation while encrypting a hard drive with FDE.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
File Level Encryption (FLE) is not supported.

Limitations of updating the operating system on computers with KES10 SP2MR2 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4), Windows 10 October 2018 Update (Redstone 5), Windows 10 May 2019 Update (19H1), Windows 10 November 2019 Update (19H2), Windows 10 May 2020 Update (20H1), Windows 10 October 2020 Update (20H2) is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after updating the operating system.
After updating the operating system, the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Support of Microsoft Windows 10 October 2020 Update (20H2)

Kaspersky Endpoint Security 11.6.0, 11.5.0, 11.4.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
Taking screenshots in the Host Intrusion Prevention component (Application Control Rules → Rights) is not supported for 32-bit and 64-bit operating systems.

Limitations of updating the operating system on computers with KES 11.6.0, 11.5.0, 11.4.0 installed:

If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.3.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES 11.3.0 installed:

If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.2.0 and Critical Fix 1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES11.2.0 and 11.2.0 Critical Fix 1 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.1.1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES 11.1.1 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.1.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Limitations of updating the operating system on computers with KES11.1.0 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.0.1, Kaspersky Endpoint Security 10 SP2MR4, SP2MR3

Limitations:

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
File Level Encryption (FLE) is not supported.
The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Limitations of updating the operating system on computers with KES 11.0.1, KES10 SP2MR4, SP2MR3 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4), Windows 10 October 2018 Update (Redstone 5), Windows 10 May 2019 Update (19H1), Windows 10 November 2019 Update (19H2), Windows 10 May 2020 Update (20H1) is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after updating the operating system.
After updating the operating system, the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 10 SP2MR2

Limitations:

The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
On Hyper-V virtual machines, the system may stop responding if the computer switches off or enters hibernation while encrypting a hard drive with FDE.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
File Level Encryption (FLE) is not supported.

Limitations of updating the operating system on computers with KES10 SP2MR2 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4), Windows 10 October 2018 Update (Redstone 5), Windows 10 May 2019 Update (19H1), Windows 10 November 2019 Update (19H2), Windows 10 May 2020 Update (20H1) is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after updating the operating system.
After updating the operating system, the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Support of Microsoft Windows 10 May 2020 Update (20H1)

Kaspersky Endpoint Security 11.6.0, 11.5.0, 11.4.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
Taking screenshots in the Host Intrusion Prevention component (Application Control Rules → Rights) is not supported for 32-bit and 64-bit operating systems.

Limitations of updating the operating system on computers with KES 11.6.0, 11.5.0, 11.4.0 installed:

If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.3.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES 11.3.0 installed:

If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.2.0 and Critical Fix 1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES11.2.0 and 11.2.0 Critical Fix 1 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.1.1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES 11.1.1 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.1.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Limitations of updating the operating system on computers with KES 11.1.0 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.0.1, Kaspersky Endpoint Security 10 SP2MR4, SP2MR3

Limitations:

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
File Level Encryption (FLE) is not supported.
The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Limitations of updating the operating system on computers with KES 11.0.1, KES10 SP2MR4, SP2MR3 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4), Windows 10 October 2018 Update (Redstone 5), Windows 10 May 2019 Update (19H1), Windows 10 November 2019 Update (19H2) is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after updating the operating system.
After updating the operating system, the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 10 SP2MR2

Limitations:

The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
On Hyper-V virtual machines, the system may stop responding if the computer switches off or enters hibernation while encrypting a hard drive with FDE.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
File Level Encryption (FLE) is not supported.

Limitations of updating the operating system on computers with KES10 SP2MR2 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4), Windows 10 October 2018 Update (Redstone 5), Windows 10 May 2019 Update (19H1), Windows 10 November 2019 Update (19H2) is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after updating the operating system.
After updating the operating system, the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Support of Microsoft Windows 10 November 2019 Update (19H2)

Kaspersky Endpoint Security 11.6.0, 11.5.0, 11.4.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
Taking screenshots in the Host Intrusion Prevention component (Application Control Rules → Rights) is not supported for 32-bit and 64-bit operating systems.

Limitations of updating the operating system on computers with KES 11.6.0, 11.5.0, 11.4.0 installed:

If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.3.0, 11.2.0, and Critical Fix 1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES11.3.0, 11.2.0 and Critical Fix 1 installed:

If KES 11.2.0 or 11.2.0 Critical Fix 1 with the FLE encryption component is installed on your computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.1.1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES 11.1.1 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.1.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
For 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Limitations of updating the operating system on computers with KES 11.1.0 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.0.1, Kaspersky Endpoint Security 10 SP2MR4, SP2MR3

Limitations:

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
File Level Encryption (FLE) is not supported.
The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Limitations of updating the operating system on computers with KES 11.0.1, KES10 SP2MR4, SP2MR3 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4), Windows 10 October 2018 Update (Redstone 5), Windows 10 May 2019 Update (19H1) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, then the application will be automatically restored after the upgrade to Microsoft Windows November 2019 Update (19H2).
After upgrading to November 2019 Update (19H2), the Firewall component is displayed in the Windows Security Center as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 11.0.0, Kaspersky Endpoint Security 10 SP2MR2

Limitations:

The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
On Hyper-V virtual machines, the system may stop responding if the computer switches off or enters hibernation while encrypting a hard drive with FDE.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
File Level Encryption (FLE) is not supported.

Limitations of updating the operating system on computers with KES 11.0.0, KES10 SP2MR2 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4), Windows 10 October 2018 Update (Redstone 5), Windows 10 May 2019 Update (19H1) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, then the application will be automatically restored after the upgrade to Microsoft Windows November 2019 Update (19H2).
After upgrading to November 2019 Update (19H2), the Firewall component is displayed in the Windows Security Center as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 10 SP1MR4

Limitations:

The following privileges in Activation Privilege Control are not available (Application Control Rules → Rights):
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Opening the service for writing
- Modifying the service configuration
- Using the browser command line

File Level Encryption (FLE) components are not supported.
The Device Guard mode is not supported.
Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
On Hyper-V virtual machines, the system may stop responding if the computer switches off or enters hibernation while encrypting a hard drive with FDE.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES10 SP1MR4 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4), Windows 10 October 2018 Update (Redstone 5), Windows 10 May 2019 Update (19H1) is supported.
If there are FDE encryption components or the Device Control component installed on the computer, the installation of the November 2019 Update (19H2) is not supported.
After upgrading to November 2019 Update (19H2), the Firewall component is displayed in the Windows Security Center as disabled. Upon restart, the status is displayed correctly.
If after installing November 2019 Update (19H2) the application does not recognize the activation code, restart the application.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Support of Microsoft Windows 10 May 2019 Update (19H1)

Kaspersky Endpoint Security 11.6.0, 11.5.0, 11.4.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
Taking screenshots in the Host Intrusion Prevention component (Application Control Rules → Rights) is not supported for 32-bit and 64-bit operating systems.

Limitations of updating the operating system on computers with KES 11.6.0, 11.5.0, 11.4.0 installed:

If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.3.0, 11.2.0 and Critical Fix 1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES 11.3.0, 11.2.0 and Critical Fix 1 installed:

If KES 11.2.0 or 11.2.0 Critical Fix 1 with the FLE encryption component is installed on your computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.1.1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES 11.1.1 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.1.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line

Limitations of updating the operating system on computers with KES 11.1.0 installed:

If the File Encryption component (FLE) is installed on the computer, the operating system update is not supported. Upgrade Kaspersky Endpoint Security to version 11.5.0 or later or contact technical support for a private patch.
After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.0.1, Kaspersky Endpoint Security 10 SP2MR4, SP2MR3

Limitations:

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line
File Level Encryption (FLE) is not supported.

Limitations of updating the operating system on computers with KES 11.0.1, KES10 SP2MR4, SP2MR3 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4), Windows 10 October 2018 Update (Redstone 5) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, then the application will be automatically restored after the upgrade to Microsoft Windows May 2019 Update (19H1).
After upgrading to May 2019 Update (19H1), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 11.0.0 , Kaspersky Endpoint Security 10 SP2MR2

Limitations:

The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line
Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
On Hyper-V virtual machines, the system may stop responding if the computer switches off or enters hibernation while encrypting a hard drive with FDE.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.
File Level Encryption (FLE) is not supported.

Limitations of updating the operating system on computers with KES 11.0.0, KES10 SP2MR2 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4), Windows 10 October 2018 Update (Redstone 5) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, then the application will be automatically restored after the upgrade to Microsoft Windows May 2019 Update (19H1).
After upgrading to May 2019 Update (19H1), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 10 SP1MR4

Limitations:

The following privileges in Activation Privilege Control are not available (Application Control Rules → Rights):
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Opening the service for writing
- Modifying the service configuration
- Using the browser command line
File Level Encryption (FLE) components are not supported.
The Device Guard mode is not supported.
Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
On Hyper-V virtual machines, the system may stop responding if the computer switches off or enters hibernation while encrypting a hard drive with FDE.
The installation and running of Kaspersky Endpoint Security in a Windows Sandbox environment is not supported.

Limitations of updating the operating system on computers with KES10 SP1MR4 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4), Windows 10 October 2018 Update (Redstone 5) is supported.
If there are FDE encryption components or the Device Control component installed on the computer, the installation of the May 2019 Update (19H1) is not supported.
After upgrading to May 2019 Update (19H1), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If after installing May 2019 Update (19H1) the application does not recognize the activation code, restart the application.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Support of Microsoft Windows 10 October 2018 Update (Redstone 5)

Kaspersky Endpoint Security 11.6.0, 11.5.0, 11.4.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
Taking screenshots in the Host Intrusion Prevention component (Application Control Rules → Rights) is not supported for 32-bit and 64-bit operating systems.

Limitations of updating the operating system on computers with KES 11.6.0, 11.5.0, 11.4.0 installed:

If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.3.0, 11.2.0 and Critical Fix 1

Limitations:	Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported. The ReFS file system is supported with limitations. Case-sensitive file paths are supported with limitations: Case-sensitive FLE paths are not supported. HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.
Limitations of updating the operating system on computers with KES11.3.0, 11.2.0 and Critical Fix 1 installed:	If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.1.0 и 11.1.1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Case-sensitive file paths are supported with limitations:
- Case-sensitive FLE paths are not supported.
- HIPS / Firewall / Application Control. File paths in rules are not case-sensitive.

Limitations of updating the operating system on computers with KES 11.1.0 and 11.1.1 installed:

After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.0.1, Kaspersky Endpoint Security 10 SP2MR4, SP2MR3

Limitations:

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.

Limitations of updating the operating system on computers with KES 11.0.1, KES10 SP2MR4, SP2MR3 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows October 2018 Update (Redstone 5).
After upgrading to October 2018 Update (Redstone 5), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 11.0.0 , Kaspersky Endpoint Security 10 SP2MR2

Limitations:

The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line
Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
On Hyper-V virtual machines, the system may stop responding if the computer switches off or enters hibernation while encrypting a hard drive with FDE.

Limitations of updating the operating system on computers with KES 11.0.0, KES 10 SP2MR2 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows October 2018 Update (Redstone 5).
After upgrading to October 2018 Update (Redstone 5), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 10 SP1MR4, SP1MR3

Limitations:

The following privileges in Activation Privilege Control are not available (Application Control Rules → Rights):
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Opening the service for writing
- Modifying the service configuration
- Using the browser command line
File Level Encryption (FLE) components are not supported.
The Device Guard mode is not supported.
Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
On Hyper-V virtual machines, the system may stop responding if the computer switches off or enters hibernation while encrypting a hard drive with FDE.

Limitations of updating the operating system on computers with KES10 SP1MR4, SP1MR3 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3), Windows 10 April 2018 Update (Redstone 4) is supported.
If there are FDE encryption components or the Device Control component installed on the computer, then the application will be automatically restored after the upgrade to Microsoft Windows October 2018 Update (Redstone 5).
After upgrading to October 2018 Update (Redstone 5), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If after installing Microsoft Windows October 2018 Update (Redstone 5) the application does not recognize the activation code, restart the application.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Support of Microsoft Windows 10 April 2018 Update (Redstone 4)

Kaspersky Endpoint Security 11.6.0, 11.5.0, 11.4.0

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Full Disk Encryption (FDE) is incompatible with Hyper-V platform components.
The update task might not work properly, causing the application to stop responding on computers with Windows 10 April 2018 Update (Redstone 4, version 1803). To fix the issue, install the KB4340917 operating system update.
Taking screenshots in the Host Intrusion Prevention component (Application Control Rules → Rights) is not supported for 32-bit and 64-bit operating systems.

Limitations of updating the operating system on computers with KES 11.6.0, 11.5.0, 11.4.0installed:

If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.3.0, 11.2.0 and Critical Fix 1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Full Disk Encryption (FDE) is incompatible with Hyper-V platform components.
The update task might not work properly, causing the application to stop responding on computers with Windows 10 April 2018 Update (Redstone 4, version 1803). To fix the issue, install the KB4340917 operating system update.

Limitations of updating the operating system on computers with KES11.3.0, 11.2.0 and Critical Fix 1 installed:

If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.1.0 и 11.1.1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.
Full Disk Encryption (FDE) is incompatible with Hyper-V platform components.
The update task might not work properly, causing the application to stop responding on computers with Windows 10 April 2018 Update (Redstone 4, version 1803). To fix the issue, install the KB4340917 operating system update.

Limitations of updating the operating system on computers with KES 11.1.0 and 11.1.1 installed:

After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.0.1, Kaspersky Endpoint Security 10 SP2MR4, SP2MR3

Limitations:

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
Full Disk Encryption (FDE) is incompatible with Hyper-V platform components.

Limitations of updating the operating system on computers with KES 11.0.1, KES10 SP2MR4, SP2MR3 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, the application will be automatically restored after the upgrade to Spring Creators Update (Redstone 4).
After upgrading to Spring Creators Update (Redstone 4), the Firewall component is displayed in the Windows Security Center as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 11.0.0

Limitations:

The following privileges in the Host Intrusion Prevention component are not supported (Application Control Rules → Rights).
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line
Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
Full Disk Encryption (FDE) is incompatible with Hyper-V platform components.

Limitations of updating the operating system on computers with KES 11.0.0 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, the application will be automatically restored after the upgrade to Spring Creators Update (Redstone 4).
After upgrading to Spring Creators Update (Redstone 4), the Firewall component is displayed in the Windows Security Center as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 10 SP2 MR2

Limitations:

The following privileges in Activation Privilege Control are not available (Application Control Rules → Rights):
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line
Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.
Full Disk Encryption (FDE) is incompatible with Hyper-V platform components.
Text input into Cortana’s search line does not work if the File Encryption component is installed.
You may experience problems with saving a new text file created in Microsoft Office if the File Encryption component is installed. The problem only occurs at the first saving attempt and at the next attempts the file will be successfully saved.

Limitations of updating the operating system on computers with KES10 SP2MR2 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1), Windows 10 Creators Update (Redstone 2), Windows 10 Fall Creators Update (Redstone 3) is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows Redstone 4.
After upgrading to Redstone 4, the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 10 SP1MR4

Limitations:

The following privileges in Activation Privilege Control are not available (Application Control Rules → Rights):
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Opening the service for writing
- Modifying the service configuration
- Using the browser command line
The Device Guard mode is not supported.
Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.

Limitations of updating the operating system on computers with KES10 SP1MR4 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1) and Windows 10 Creators Update (Redstone 2) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows 10 Fall Creators Update (Redstone 3).
After upgrading to Fall Creators Update (Redstone 3), the Firewall component is displayed in the Windows Security Center as disabled. Upon restart, the status is displayed correctly.
If after upgrading to Fall Creators Update (Redstone 3) the application does not recognize the activation code, restart the application.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 10 SP1MR3

Limitations:

The following privileges in Activation Privilege Control are not available (Application Control Rules → Rights):
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Opening the service for writing
- Modifying the service configuration
- Using the browser command line
The Device Guard mode is not supported.
Windows Subsystem for Linux (WSL) is not supported.
Full Disk Encryption (FDE) cannot be applied to the UEFI computers.

Limitations of updating the operating system on computers with KES10 SP1MR3 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1) and Windows 10 Creators Update (Redstone 2) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows 10 Fall Creators Update (Redstone 3).
After upgrading to Fall Creators Update (Redstone 3), the Firewall component is displayed in the Windows Security Center as disabled. Upon restart, the status is displayed correctly.
If after upgrading to Fall Creators Update (Redstone 3) the application does not recognize the activation code, restart the application.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Support of Microsoft Windows 10 Fall Creators Update (Redstone 3)

Kaspersky Endpoint Security 11.6.0, 11.5.0, 11.4.0

Limitations:	Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported. The ReFS file system is supported with limitations. Taking screenshots in the Host Intrusion Prevention component (Application Control Rules → Rights) is not supported for 32-bit and 64-bit operating systems.
Limitations of updating the operating system on computers with KES 11.6.0, 11.5.0, 11.4.0installed:	If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.3.0, 11.2.0 and Critical Fix 1

Limitations:	Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported. The ReFS file system is supported with limitations.
Limitations of updating the operating system on computers with KES11.3.0, 11.2.0 and Critical Fix 1 installed:	If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.1.0 и 11.1.1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.

Limitations of updating the operating system on computers with KES 11.1.0 and 11.1.1 installed:

After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.0.0, 11.0.1, Kaspersky Endpoint Security 10 SP2MR4, SP2MR3, SP2MR2

Limitations:

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.

Limitations of updating the operating system on computers with KES 11.0.1, KES 11.0.0, KES10 SP2MR4, SP2MR3, SP2MR2 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1) and Windows 10 Creators Update (Redstone 2) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows 10 Fall Creators Update (Redstone 3).
After upgrading to Fall Creators Update (Redstone 3), the Firewall component is displayed in the Windows Security Center as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 10 SP2 MR1, SP2

Limitations:

The following privileges in Activation Privilege Control are not available (Application Control Rules → Rights):
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Modifying the service configuration
- Accessing audio devices
- Accessing video devices
- Using the browser command line
Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.

Limitations of updating the operating system on computers with KES10 SP2 MR1, SP2 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1) and Windows 10 Creators Update (Redstone 2) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, then the application will be automatically restored after the upgrade to Microsoft Windows 10 Fall Creators Update (Redstone 3).
After upgrading to Fall Creators Update (Redstone 3), the Firewall component is displayed in the Windows Security Center as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 10 SP1MR4

Limitations:

The following privileges in Activation Privilege Control are not available (Application Control Rules → Rights):
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Opening the service for writing
- Modifying the service configuration
- Using the browser command line
The Device Guard mode is not supported.
Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.

Limitations of updating the operating system on computers with KES10 SP1MR4 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1) and Windows 10 Creators Update (Redstone 2) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows 10 Fall Creators Update (Redstone 3).
After upgrading to Fall Creators Update (Redstone 3), the Firewall component is displayed in the Windows Security Center as disabled. Upon restart, the status is displayed correctly.
If after upgrading to Fall Creators Update (Redstone 3) the application does not recognize the activation code, restart the application.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 10 SP1MR3

Limitations:

The following privileges in Activation Privilege Control are not available (Application Control Rules → Rights):
For 32-bit operating systems:
- Pausing other processes and threads
- Injecting the code
for 32-bit and 64-bit operating systems:
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Opening the service for writing
- Modifying the service configuration
- Using the browser command line
The Device Guard mode is not supported.
Windows Subsystem for Linux (WSL) is not supported.
Full Disk Encryption (FDE) cannot be applied to the UEFI computers.

Limitations of updating the operating system on computers with KES10 SP1MR3 installed:

Only upgrading from Windows 10, Windows 10 TH2, Windows 10 Anniversary Update (Redstone 1) and Windows 10 Creators Update (Redstone 2) is supported.
If there are encryption components (FLE and/or FDE) or the Device Control component installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows 10 Fall Creators Update (Redstone 3).
After upgrading to Fall Creators Update (Redstone 3), the Firewall component is displayed in the Windows Security Center as disabled. Upon restart, the status is displayed correctly.
If after upgrading to Fall Creators Update (Redstone 3) the application does not recognize the activation code, restart the application.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Support of Microsoft Windows 10 Creators Update (Redstone 2)

Kaspersky Endpoint Security 11.6.0, 11.5.0, 11.4.0

Limitations:	Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported. The ReFS file system is supported with limitations. Taking screenshots in the Host Intrusion Prevention component (Application Control Rules → Rights) is not supported for 32-bit and 64-bit operating systems.
Limitations of updating the operating system on computers with KES 11.6.0, 11.5.0, 11.4.0installed:	If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.3.0, 11.2.0 and Critical Fix 1

Limitations:	Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported. The ReFS file system is supported with limitations.
Limitations of updating the operating system on computers with KES11.3.0, 11.2.0 and Critical Fix 1 installed:	If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.1.0 и 11.1.1

Limitations:

Windows Subsystem for Linux (WSL) is supported with limitations: Pico processes in FLE are not supported.
The ReFS file system is supported with limitations.

Limitations of updating the operating system on computers with KES 11.1.0 and 11.1.1 installed:

After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 1 1.0.0, 11.0.1, Kaspersky Endpoint Security 10 SP2MR4, SP2MR3, SP2MR2, SP2MR1, SP2

Limitations:

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.

Limitations of updating the operating system on computers with KES 11.0.1, KES 11.0.0, KES10 SP2MR4, SP2MR3, SP2MR2, SP2MR1, SP2 installed:

Only upgrading from Windows 10, Windows 10 TH2 , and Windows 10 Anniversary Update (Redstone 1) is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows 10 Creators Update (Redstone 2).
After upgrading to Creators Update (Redstone 2), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 10 SP1MR4

Limitations:

The Device Guard mode is not supported.
Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.

Limitations of updating the operating system on computers with KES10 SP1MR4 installed:

Only upgrading from Windows 10, Windows 10 TH2 , and Windows 10 Anniversary Update (Redstone 1) is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows 10 Creators Update (Redstone 2).
After upgrading to Creators Update (Redstone 2), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If after installing Microsoft Windows 10 Creators Update (Redstone 2) the application does not recognize the activation code, restart the application.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 10 SP1MR3

Limitations:

The following privileges in Activation Privilege Control are not available (Application Control Rules → Rights):
x86
- Pausing other processes and threads
- Injecting the code
x86/x64
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Opening the service for writing
- Modifying the service configuration
- Using the browser command line
The Device Guard mode is not supported.
Windows Subsystem for Linux (WSL) is not supported.
Full Disk Encryption (FDE) cannot be applied to the UEFI computers.

Limitations of updating the operating system on computers with KES10 SP1MR3 installed:

Only upgrading from Windows 10, Windows 10 TH2 , and Windows 10 Anniversary Update (Redstone 1) is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows 10 Creators Update (Redstone 2).
After upgrading to Creators Update (Redstone 2), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If after installing Microsoft Windows 10 Creators Update (Redstone 2) the application does not recognize the activation code, restart the application.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Support of Microsoft Windows 10 Anniversary Update (Redstone 1)

Kaspersky Endpoint Security 11.6.0, 11.5.0, 11.4.0

Limitations:	Windows Subsystem for Linux (WSL) is not supported. ReFS is supported with limitations. Taking screenshots in the Host Intrusion Prevention component (Application Control Rules → Rights) is not supported for 32-bit and 64-bit operating systems.
Limitations of updating the operating system on computers with KES 11.6.0, 11.5.0, 11.4.0installed:	If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.3.0, 11.2.0 and Critical Fix 1

Limitations:	Windows Subsystem for Linux (WSL) is not supported. ReFS is supported with limitations.
Limitations of updating the operating system on computers with KES11.3.0, 11.2.0 and Critical Fix 1 installed:	If the computer has been encrypted using Full Disk Encryption (FDE), and the upgrade is not performed via WSUS, follow the instructions in this article.

Kaspersky Endpoint Security 11.1.0 и 11.1.1

Limitations:

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.

Limitations of updating the operating system on computers with KES 11.1.0 and 11.1.1 installed:

After upgrading the operating system from a version earlier than Windows 10 Redstone 2 the application automatically starts the restoration procedure, as a result of which local settings are reset to their default values. When the application is started for the first time, a window will appear requesting participation in KSN.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 11.0.0 , 11.0.1, Kaspersky End point Security 10 SP2MR4, SP2MR3, SP2MR2

Limitations:

Windows Subsystem for Linux (WSL) is not supported.
ReFS is supported with limitations.

Limitations of updating the operating system on computers with KES 11.0.1, KES 11.0.0, KES10 SP2MR4, SP2MR3, SP2MR2 installed:

Only upgrading from Windows 10 and Windows 10 TH2 is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows 10 Anniversary Update (Redstone1).
After upgrading to Anniversary Update (Redstone 1), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions:
- for KES11
- for KES10

Kaspersky Endpoint Security 10 SP2MR1, SP2

Limitations:

Windows Subsystem for Linux (WSL) is not supported.

Limitations of updating the operating system on computers with KES10 SP2MR1, SP2 installed:

Only upgrading from Windows 10 and Windows 10 TH2 is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows 10 Anniversary Update (Redstone1).
After upgrading to Anniversary Update (Redstone 1), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 10 SP1MR4

Limitations:

The Device Guard mode is not supported.
Windows Subsystem for Linux (WSL) is not supported.

Limitations of updating the operating system on computers with KES10 SP1MR4 installed:

Only upgrading from Windows 10 and Windows 10 TH2 is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows 10 Anniversary Update (Redstone1).
After upgrading to Anniversary Update (Redstone 1), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If after installing Microsoft Windows 10 Anniversary Update (Redstone1) the application does not recognize the activation code, restart the application.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Kaspersky Endpoint Security 10 SP1MR3

Limitations:

The following privileges in Activation Privilege Control are not available (Application Control Rules → Rights):
x86
- Pausing other processes and threads
- Injecting the code
x86/x64
- Using other applications’ APIs
- Installing hooks
- Creating a service
- Opening the service for reading
- Opening the service for writing
- Modifying the service configuration
- Using the browser command line
The Device Guard mode is not supported.
Windows Subsystem for Linux (WSL) is not supported.

Limitations of updating the operating system on computers with KES10 SP1MR3 installed:

Only upgrading from Windows 10 and Windows 10 TH2 is supported.
If file encryption components (FLE and/or FDE) or the Device Manager component are installed on the computer, the application will be automatically restored after the upgrade to Microsoft Windows 10 Anniversary Update (Redstone1).
After upgrading to Anniversary Update (Redstone 1), the Firewall component is displayed in the Windows Security settings as disabled. Upon restart, the status is displayed correctly.
If after installing Microsoft Windows 10 Anniversary Update (Redstone1) the application does not recognize the activation code, restart the application.
If the computer has been encrypted using Full Disk Encryption (FDE), follow the instructions in this article.

Support of Microsoft Windows Server 2019

Kaspersky Endpoint Security 11.6.0, 11.5.0, 11.4.0, 11.3.0, 11.2.0 and Critical Fix 1, Kaspersky Endpoint Security 10 SP2MR4, SP2MR3, SP2MR2

Limitations:

The ReFS file system is supported with limitations.
The Server Core, Server Nano, and Cluster Mode configurations are not supported.
Firewall / Application Control: file paths in rules are not case-sensitive.
When the product is installed, Windows Defender is removed (according to Microsoft recommendations for Anti-Malware Product).
When the product is installed from the MSI file (without using setup.exe), you must remove Windows Defender before starting the installation. For details, see the Microsoft support site.

Kaspersky Endpoint Security11.1.1, 11.1.0, 11.0.0, 11.0.1

Limitations:

The ReFS file system is supported with limitations.
The Server Core, Server Nano, and Cluster Mode configurations are not supported.
Firewall / Application Control: file paths in rules are not case-sensitive.
Before installing the application on Microsoft Windows Server 2019, you must remove Windows Defender. For details, see the Microsoft support site.

Kaspersky Endpoint Security 10 SP1MR4, SP1MR3

Known issues and restrictions:

The ReFS file system is supported with limitations.
The Server Core, Server Nano, and Cluster Mode configurations are not supported.
The Device Guard mode is not supported.
Before installing Kaspersky Endpoint Security 10 Service Pack 1 Maintenance Release 3 on Microsoft Windows Server 2019, you must remove Windows Defender. For details, see the Microsoft support site.

Support of Microsoft Windows Server 2016

Kaspersky Endpoint Security 11.6.0, 11.5.0, 11.4.0, 11.3.0, 11.2.0 and Critical Fix 1

Known issues and restrictions:

Windows Subsystem for Linux (WSL) is supported with limitations.
Firewall / Application Control: file paths in rules are not case-sensitive.
The ReFS file system is supported with limitations.
The Server Core, Server Nano, and Cluster Mode configurations are not supported.
When the product is installed, Windows Defender is removed (according to Microsoft recommendations for Anti-Malware Product).
When the product is installed from the MSI file (without using setup.exe), you must remove Windows Defender before starting the installation. For details, see the Microsoft support site.

Kaspersky Endpoint Security11.1.0 and 11.1.1

Known issues and restrictions:

Windows Subsystem for Linux (WSL) is supported with limitations.
Firewall / Application Control: file paths in rules are not case-sensitive.
The ReFS file system is supported with limitations.
The Server Core, Server Nano, and Cluster Mode configurations are not supported.
Before installing the application on Microsoft Windows Server 2016, you must remove Windows Defender. For details, see the Microsoft support site.

Kaspersky Endpoint Security 11.0.0, 11.0.1

Known issues and restrictions:

The ReFS file system is supported with limitations.
The Server Core, Server Nano, and Cluster Mode configurations are not supported.
Before installing the application on Microsoft Windows Server 2016, you must remove Windows Defender. For details, see the Microsoft support site.

Kaspersky Endpoint Security 10 SP2MR4, SP2MR3, SP2MR2, SP2MR1, SP2

Known issues and restrictions:

The ReFS file system is supported with limitations.
The Server Core, Server Nano, and Cluster Mode configurations are not supported.
When the product is installed, Windows Defender is removed (according to Microsoft recommendations for Anti-Malware Product).
When the product is installed from the MSI file (without using setup.exe), you must remove Windows Defender before starting the installation. For details, see the Microsoft support site.

Kaspersky Endpoint Security 10 SP1MR4, SP1MR3

Known issues and restrictions:

The ReFS file system is supported with limitations.
The Server Core, Server Nano, and Cluster Mode configurations are not supported.
The Device Guard mode is not supported.
Before installing Kaspersky Endpoint Security 10 Service Pack 1 Maintenance Release 4 on Microsoft Windows Server 2016, you must remove Windows Defender. For details, see the Microsoft support site.

Source : Official Kaspersky Brand
Editor by : BEST Antivirus KBS Team

(Visited 59 times, 1 visits today)

Support of Windows 10, Windows Server 2016 and Windows Server 2019 in Kaspersky Endpoint Security

Support of Microsoft Windows 10 May 2021 Update (21H1)

Support of Microsoft Windows 10 October 2020 Update (20H2)

Support of Microsoft Windows 10 May 2020 Update (20H1)

Support of Microsoft Windows 10 November 2019 Update (19H2)

Support of Microsoft Windows 10 May 2019 Update (19H1)

Support of Microsoft Windows 10 October 2018 Update (Redstone 5)

Support of Microsoft Windows 10 April 2018 Update (Redstone 4)

Support of Microsoft Windows 10 Fall Creators Update (Redstone 3)

Support of Microsoft Windows 10 Creators Update (Redstone 2)

Support of Microsoft Windows 10 Anniversary Update (Redstone 1)

Support of Microsoft Windows Server 2019

Support of Microsoft Windows Server 2016

About

Partners

Resources

Support of Microsoft Windows 10 May 2021 Update (21H1)

Support of Microsoft Windows 10 October 2020 Update (20H2)

Support of Microsoft Windows 10 May 2020 Update (20H1)

Support of Microsoft Windows 10 November 2019 Update (19H2)

Support of Microsoft Windows 10 May 2019 Update (19H1)

Support of Microsoft Windows 10 October 2018 Update (Redstone 5)

Support of Microsoft Windows 10 April 2018 Update (Redstone 4)

Support of Microsoft Windows 10 Fall Creators Update (Redstone 3)

Support of Microsoft Windows 10 Creators Update (Redstone 2)

Support of Microsoft Windows 10 Anniversary Update (Redstone 1)

Support of Microsoft Windows Server 2019

Support of Microsoft Windows Server 2016

Related Articles

All about Kaspersky

Limitations of Kaspersky Security Cloud on Windows 10

Secure Keyboard Input limitations in Kaspersky Security Cloud

Webcam Protection in Kaspersky Security Cloud

License problems in Kaspersky Security Cloud

How to install and activate Kaspersky Security Cloud Free

About

Partners

Resources