ActiveProtect Agent

by Synology Inc.v1.2.0508

Last updated Jun 8, 2026

An all-in-one backup solution designed to simplify and enhance data protection across diverse IT environments.

Install with winget

$ winget install --id Synology.ActiveProtectAgent --exact --version 1.2.0508

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for ActiveProtect Agent

ActiveProtect Agent uses MSI. The silent install switches are /quiet /norestart.

One-line silent install (x64, machine scope)

msiexec.exe /i Synology%20ActiveProtect%20Agent-x64-1.2.0-0508.msi /quiet /norestart

See the full silent install reference for ActiveProtect Agent →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

ActiveProtect Manager is an all-in-one backup solution designed to simplify and enhance data protection across diverse IT environments. To back up data on PCs, Macs, and physical servers, the ActiveProtect agent must first be installed on the target device.

Installers · v1.2.0508

Architecture	Type	Scope	Install	Download
x86	MSI	machine		Direct
x64	MSI	machine		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

8 known CVEs via NVD

medium6.1Fix in v3.1.0-4967CVE-2025-66592affects before 3.1.0-4967May 27, 2026
An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation.
Vendor advisory
low2.7Fix in v2.7.1-3234CVE-2024-47266affects before 2.7.1-3234, 2.7.1-13234, 2.7.1-23234Feb 12, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in share file list functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to...
Vendor advisory
medium6.5Fix in v2.7.1-3234CVE-2024-47265affects before 2.7.1-3234, 2.7.1-13234, 2.7.1-23234Feb 12, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files vi...
Vendor advisory
medium4.9Fix in v2.7.1-3234CVE-2024-47264affects before 2.7.1-3234, 2.7.1-13234, 2.7.1-23234Feb 12, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in agent-related functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to de...
Vendor advisory
medium5.3Fix in v2.7.0-3221CVE-2023-52950affects before 2.7.0-3221Sep 25, 2024
Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credential via unspecified vectors.
Vendor advisory
medium5.5Fix in v2.7.0-3221CVE-2023-52949affects before 2.7.0-3221Sep 25, 2024
Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.
Vendor advisory
medium5.0Fix in v2.7.0-3221CVE-2023-52948affects before 2.7.0-3221Sep 25, 2024
Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.
Vendor advisory
medium4.0Fix in v2.6.0-3101CVE-2023-52947affects before 2.6.0-3101Sep 25, 2024
Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be af...
Vendor advisory

Source: NVD, updated 1h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

Synology Note Station ClientSynology Inc.
Synology.NoteStationClientv2.2.5-804
Synology Note Station Client connects you with Note Station on your Synology NAS. You can manage all the notes/to-do list offline, right from your local computer.
Synology Active Backup for Business AgentSynology Inc.
Synology.ActiveBackupForBusinessAgentv3.2.5053
Active Backup for Business is an all-in-one backup solution for Synology NAS, designed for streamlining and enhancing data protection in businesses' diverse IT environments.
Synology Image AssistantSynology Inc.
Synology.ImageAssistantv1.0.2-56
A desktop app that generates image previews and compressed videos of formats such as HEIC photos and HEVC videos, ensuring proper display of Synology Photos files on any devices
Synology Evidence Integrity AuthenticatorSynology Inc.
Synology.EvidenceIntegrityAuthenticatorv1.2.3-025
A Windows/Mac application that validates and confirms that the recordings and screenshots made by Synology Surveillance Station have not been tampered with since its original recording.
SynologyC2IdentityLDAPSyncSynology Inc.
Synology.C2IdentityLDAPSyncToolv1.78.01400
An agent that synchronizes user/group information between Synology LDAP Server and C2 Identity.
BeeStationSynology Inc.
Synology.BeeStationv1.4.3-675
Sync or back up your folders on your Windows PC or Mac for easy access anytime, anywhere

More from Synology Inc. or browse backup, nas, storage.

Frequently asked questions

How do I install ActiveProtect Agent on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id Synology.ActiveProtectAgent --exact --version 1.2.0508. winget downloads the installer from Synology Inc. and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install ActiveProtect Agent silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id Synology.ActiveProtectAgent --exact 1.2.0508 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for ActiveProtect Agent?

ActiveProtect Agent uses MSI. Run the downloaded installer with: msiexec.exe /i Synology%20ActiveProtect%20Agent-x64-1.2.0-0508.msi /quiet /norestart. The silent switches are /quiet /norestart.

How do I uninstall ActiveProtect Agent via winget?

Run: winget uninstall --id Synology.ActiveProtectAgent --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from ActiveProtect Agent's Apps & Features entry.

Is ActiveProtect Agent free?

ActiveProtect Agent is distributed under Proprietary. Refer to the publisher for the full license terms - Wingetly itself does not charge for installation.

Does ActiveProtect Agent work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls ActiveProtect Agent directly from the publisher.

How do I keep ActiveProtect Agent up to date?

Run winget upgrade --id Synology.ActiveProtectAgent --exact, or winget upgrade --all to update everything winget tracks. We index 4 versions of ActiveProtect Agent from microsoft/winget-pkgs.

Recent versions

1.2.0508latest
1.1.0439
1.0.0256
1.0.0211