Trellix ENS 10.7.20 bundle Update failed, Extension ENDP_GS_1000, version 10.7.20.15122 is not compatible with this version of epolicy Orchestrar

Tasks/What you try to do:

You try to integrate or update the new Trellix ENS 10.7.20 from last week into ePO to try the new ransomware options and also test if we can finally exclude On-Access rules by MD5 added to filenames.

The update of the bundle via Software Manager fails. The DLL replacement nightmare from the last ENS release comes to mind But it is related to the ePO version you are running. You are running Service Pack 1 Update 4 (2.0.0.1739) on your ePO from Nov 2025, and that seems too old.

Error you see when you try these two ways:

EPO > Software Catalog > ENS > Update > Update Failed

EPO > Extension > You try to manual integrated the 4 Extension after the new binary are in the EPO but the extension is still 10.7.19 > Error:

Trellix ENS 10.7.10 bundle Update failed, Extension ENDP_GS_1000, version 10.7.20.15122 is not compatible with this version of epolicy Orchestrar

You Download the ENS 10.7.20 bundle, unpack and try to Update the Extension Manuel from the files you see the reason:

* Extension ENDP_GS_1000, version 10.7.20.15122 is not compatible with this version of epolicy Orchestrar – on-prem. (EPO)

You read and try to understand:

Minimum supported extension versions for Trellix ePolicy Orchestrator 5.10.x

https://thrive.trellix.com/s/article/KB94079?language=en_US&page=content&id=KB94079

Solution:

You run:

Service Pack 1 Update 6 (2.0.0.1739)

You must have:

Service Pack 1 Update 6 (2.0.0.1895)

Download and install Service Pack 1 Update 6 from License Download Portal or in the Software Manager. With 2 customers i could NOT see the download shown below and we had to download the Update 6 from License portal Downloads | Trellix > https://www.trellix.com/downloads/

FILE: “ePO_5.10.0_SP1_UP6_1895.zip”

Install the SP1 Update 6

https://docs.trellix.com/bundle/trellix-endpoint-security-10.7.x-release-notes/page/UUID-f2b03669-5152-5465-26fe-ffc2035bf634.html

Some important news in the new release from our side:

You can now enhance protection against ransomware attacks by enabling two new options in the On-Access Scan policy:

• Detect unknown ransomware based on behavior – Monitors process activity for malicious encryption patterns to stop zero-day threats.
• Create ransomware bait files on file system – Deploys hidden ‘honeypot’ files to instantly detect and block attacks.

Enhancements

• Hash-based detection exclusionsThis release allows exclusion in On-Access Scan (OAS) and On-Demand Scan (ODS) using MD5 hash values instead of only file names. This capability allows you to suppress false positives for trusted files without disabling protection rules globally.