Glitch

Correct but it will bring an additional burden. We had written consent of eset that upgrading to the latest version was not directly needed but eventually. Last week you even have updated the KB as you are still dealing with it and now eset is going to send out this notification in times that on-site hands are virtually impossible. It is so hard to convince our customers to stay with eset we have almost 8000 endpoints which will give this warning those 8000 will switch to another solution due this issue.

All people following this topic the show is not over. As per March 26th all certfix version 6.5 clients will go to yellow state that there is a new version available. All endpoints 6.5 which does not had certfix will go to status red! Welcome to ESET in quarantine times they will put us up with more work. Customer friendly as they are.

I think the fix for ESET 6.5 caused another issue: 1. Currently we see the event log of windows be flooded by : Error while updating status to SECURITY_PRODUCT_STATE_ON. which is caused by the windows security center as they don't see a registered product. 2. Registering the product using ecmd.exe /avregister will end in a : execution failed command. 3. Only way to resolve this is to reinstall the complete 6.5 version. Is there another way to force eset to register against windows ?

Hello?? Anyupdate we can’t deploy or can we invoice eset for the costs?

After the Certfix issue of ESET , ESET released a new Endpoint Antivirus version of 6.5 6.5.2132.5 however a new bug was introduced causing automatic roll out to fail. What happens is the following: We install the MSI using a command line script and cfg.xml next to it for all the default settings. It doesn't matter if the install is started via commandline or manually but the following happens: 1. ESET installs with no issues 2. When the software is activated the update failed because no username and password in the license (this is correct because it is a local install and the update mirror is local and the license does not contain the username and password). In the CFG.xml a local mirror location has been designated. 3.You open Advanced Settings and check the update folder which is correctly listed as according to the cfg.xml along with all the other settings (although the profile name is weird). Anyway when you press OK to save the settings 4. press update the system updates from the local mirror. withou any issues. The bug is that when you install ESET with the cfg.xml it sets all the settings as according to the cfg.xml file but it does not activate the settings untill you manually open the settings and press OK! This is an issue as we have 1000 PCs that we need to do manually which is not an option at this time.

It is because a large majority of the clients we manage is still using windows XP, they also use the NANO updates as it is not a single network. We are an MSP. Our new installs are 7.1 or 7.2. As ESET is also terible in managing high latency connections we can't use the ESMC as there are too many timeouts. I already explained this a couple of times on calls with ESET HQ in Bratislava and also when I visited the HQ. So are we planning to stay on 6.5 , no but upgrades will take time and will cost time and need to be planned we can't force our clients at this moment as their connections don't allow it to receive large amounts of data such we need months. Next to that the new updates are larger than the old updates. Yes yes we know the latest the greatest, for customers we do 24/7 SOC services we only have the latest versions install and so but we are in a specific sector that it is not possible. And yes I agree updating is better and so one but that is all for another time. At this time it is important that we can: 1. Rectify all machines back 2. Start protection again. 3. Get them updated.

Any update on this?

@Marcos What about the endpoints that request a username and password when you go to advanced settings after applying the patch? Also any update if we NEED to update after applying the 6.5 patch? Like 10000+ workstations updaten without any era would take a few months.

EES: hxxp://repository.eset.com/v1/com/eset/apps/business/ees/windows/v6/6.5.2132.5/ees_nt32_enu.msi hxxp://repository.eset.com/v1/com/eset/apps/business/ees/windows/v6/6.5.2132.5/ees_nt64_enu.msi EEA: hxxp://repository.eset.com/v1/com/eset/apps/business/eea/windows/v6/6.5.2132.5/eea_nt32_enu.msi hxxp://repository.eset.com/v1/com/eset/apps/business/eea/windows/v6/6.5.2132.5/eea_nt64_enu.msi

Indeed some clients not all also ask for a password when entering in to advanced settings! after applying the patch. How to solve this?

can you explain what you mean with this that they NEED to upgrade??? We have already applied the certfix on Monday and that is working and are using it on a couple of thousand endpoints to bring them back. What do you mean that we need to upgrade???

I understand just trying to assist in this matter we have issues and thousands of endpoints. Although we had a version that was able to fix with certfix they create but still a lot of manual operations.

Workaround is to set back the system date of that machine to February 6th, after that ESET will be alive again and you can upgrade via the console. Keep in mind that database applications sometimes can't handle date changes. Other options is to set back the date, ESET will recover, press Update now and the fixed will be installed, reset the date back and upgrade.

Yes there is you patch that you need to run depending on the network you can push it via a gpo for example.

Actually there is a fix

Yes it is silent by itself.

In that case make a user with admin rights and run it via a batch script same result.

you can deploy it via gpo using powershell to run it.

We have been testing the fix since this morning and seems to work. Run it as an administrator and it will instantly fix the ESET instance.

I would really recommend to ESET to stop saying please upgrade to version 7 etc etc yes yes we know the latest and greatest but it is frustrating as it does not help us at this moment. You are saying that with version 7 this could never happen although version 7 also has bugs. Just keep to the facts and release fixes. for example please upgrade how? Via the era does not work! Because 6.5 is not working so you need to set back the system date first which causes a database crash if you have such programs so please keep the facts make a fix we will loose business due to this.

And in larger network changing dates can cause big issues!

True but 6.6 can’t update anymore due to a certificate change on January 27th. We are eagerly awaiting a hot fix.

Please but please stop with the we recommend to upgrade message yes we get it the latest the greatest but in the current scenario it is not an option we can now confirm that we have issues on over 17000 endpoints! Upgrades are scheduled and not forced as it can cause more harm than do any good. Version 6.5 is in full support still so for us it is very frustrating to hear: please upgrade please upgrade. As a security company ESET has made a real large security hole as all those endpoints are not protected.

Wondering how this would be fixed. The please upgrade is not an option for large networks and the versions are still in support. We have over 15000 nodes without any protection at this moment. Those nodes run without and ERA in special environments.

Ok what should we deliver to support in order to have this examined further. We have ERA running latest version EES and we want to block websites. The only issue is that if you are not clearing the cache of the browser the user can still visit the webpages on our system.