ShaneDT

OK no worries. Yes it is in the Common Features policy. I was looking in ESET Endpoint for Windows policy... I've never even looked at Common Features policy before. You guys make this stuff so incredibly complicated.... I'll have a look into this and test it in the next couple of days.

Why did all my posts get deleted?

Marcos when I go into policy settings for EES on my ESET Protect Cloud service there is no option for Stop Updates At. The only option I have is Auto-Updates On/Off.

Don't remember seeing the 'stop updates at' option in the policy settings. I really wish it was possible to export all policy settings to xml or Excel so it was easier to compare policies. And then have a partner notification anytime a policy setting is added or changed. There are so many policy settings it literally takes hours to go through and compare when you are supporting multiple customers with multiple settings Anyway I'll have a look at the stop updates at setting. The v11 issues I was referring to was the well documented v11.0.2024 I think it was? I haven't had time to test the latest 2044.

Hi Marcos, sure, but Software Install is the only way to control what version the software is updated to. I assumed "Check for product update" just checks for available updates. So this installs the latest update? Does this update all installed ESET products including the Agent as well? Again though I don't want to be installing hundreds of computers with the latest version. I want to be installing the latest version that I HAVE TESTED. I know ESET is generally fairly reliable with their releases but the recent v11 update is reason enough to never trust the latest version of any software.

Can we have a 'Product Update' option in Tasks. Currently the only option is 'Software Install' but this requires assigning a license to the task. So if you have 100 customers you have to create 100 separate tasks to run a product update on all their computers. There is an option for Modules Update so why no option for Product Update? It should be exactly the same as 'Software Install' but without the requirement to assign a licence. Also the "Update ESET Products" option in the Computer Update menu could be a viable alternative but it doesn't allow you to select what version you want to upgrade to, it forces you to upgrade to the latest version, which as we've found out recently is not always a good idea. Changing this so we can select which version to upgrade to would be helpful. Thanks.

Thanks Marcos

Is there an official list somewhere of the supported browsers with the current version? Thanks

Don't worry, you don't have to convince me. If ESET had the product I was looking for I wouldn't even consider looking elsewhere. Re the permissions for ECOS, so for example it includes 'Read and Write files in all site collections'. So as an example this essentially gives ECOS full access to everything on SharePoint and OneDrive for all users. I realize the application needs to be able to do this to scan the files and quarantine anything detected, but yeah nah I don't want to give any third party app direct access into my tenant, nor would I consider this for most of my customers. Anyway, if ESET does introduce a gateway product please let me know

Currently when you click on Details / Hardware for a computer object in ESET Protect Cloud, if the computer has multiple hard drives, it lists the drives, but it lists free space as 'Aggregated Free Space'. It would be much more useful if this listed the individual drives free space. One of my clients has a 256GB SSD & a 1TB HDD. I received an alert on the weekend 'There is not enough free disk space available' but when I check on ESET Protect it tells me there is 'Aggregated Free Space' of 600GB. Of course I can assume the 256GB drive is full, but this morning I don't know if the user has already fixed the problem or not. It would be much better to have free space listed for each drive detected.

Thanks for your detailed reply. I think there is a place for a product like ECOS but equally I think a simple in front gateway has its place as well. Not everyone is going to want such a complicated solution to a simple problem. Nor will everyone be comfortable providing integration to their tenants for third party applications. As secure as I'd expect ECOS would be, every connection is another potential weakness. So until ESET releases a cloud managed email gateway, sadly I'll need to look elsewhere. Any recommendations

No response or answers, even from Marcos? Sadly it looks like I'll be going with another vendor for this.

Well today I manually uninstalled v11 and reinstalled v10 on all my computers. Since my last post my office PC has stopped responding multiple times and has been sluggish. My sons laptop he uses for gaming and school has been almost unusable. With school starting I finally found time to look at it Uninstall v11 and reinstall v10 and both computers are now back to normal performance. v11 is clearly the problem. I can't believe this hasn't been prioritised for an urgent update! It can't be doing the brand any reputation favors. The fallout from a version update this bad can hang around for years! I'm just glad my customer computers didn't upgrade automatically and I caught it in time! I would not have been happy having to uninstall v11 on hundreds of computers...

One of the reasons I use and recommend ESET antivirus to all my customers is the ESET add-in for Outlook. Microsoft 365 Exchange Online (EO) servers do a good job of filtering out threats but some malware especially phishing emails still get through. ESET does a very good job of filtering these out once received by Outlook. Very rarely do I see anything malicious get through to a users Inbox. But of course this only works when the email is first received by Outlook. If the email is first received in Outlook Web or on a mobile device, it's not scanned or removed by ESET. So I'm looking for a traditional email scanning solution, an online service that scans all incoming emails before they get to Exchange Online. ie where you reconfigure your MX record to point to the scanning service for mail delivery, it then scans all emails for your Domains, then forwards them onto Exchange Online. So my first stop is of course ESET. But ESET doesn't seem to have this type of product. Instead now we have ECOS which connects to and integrates with the Office 365 tenant. So I have a few questions about ECOS please. From what I've researched it appears ECOS is licenced based on the number of users protected. By default if selecting the automatic setting it detects and protects all licenced users only. With this default setting, does that mean emails sent to shared mailboxes and distribution groups are not scanned? If manually adding the shared mailboxes I assume each of these would then count for an additional licence? What about distribution groups - can these also be selected for protection? From my understanding of researching so far, ECOS doesn't actually sit in front of Exchange Online, EO actually 'passes' emails to ECOS to be scanned. And it seems there are instances where this does not happen (post on here about forwarded emails from shared mailboxes)? So it appears there is NO WAY to ensure ALL incoming emails are scanned by ECOS? As ECOS is relying on EO to deliver emails for scanning, which doesn't always happen.

Marcos surely there should be a faster hotfix release to fix this level of bug? Note I haven't had any further issues but I haven't had any of my customer devices update to v11 yet, it was only my internal computers that updated. And sorry no I haven't had time to look at generating logs or investigating why removing the update policy didn't stop the v11 updates on my internal computers.

Marcos, I've had a couple more computers auto upgrade to v11 today even though I changed the policy. This was on my 'internal' ESET PROTECT CLOUD service where up until yesterday I did still have the Common Features auto update policy. I also had Product Updates enabled in a separate ESET Endpoint for Windows policy applied to all computers. The following settings were enabled: Update / Product Updates / Auto Updates (=>v9.0). Update / Profiles / My Profile (only profile listed) / Product Updates / Update Mode / Auto Update (though this is for =<v8.x) Yesterday I removed the Common Features auto update policy and disabled Update / Product Updates / Auto Updates (=>v9.0) (policy enabled but setting unselected) and also enabled the following setting. Update / Profiles / My Profile (only profile listed) / Product Updates / Pause Auto-Updates (=>v9.0). So why are my computers on this server still auto updating? Note on my customer ESET PROTECT CLOUD service, the Common Features auto update policy was removed months ago, but Update / Product Updates / Auto Updates (=>v9.0) was enabled. I disabled this yesterday on this service and also enabled Pause Auto-Updates. So far none of these computers have auto updated to v11.

Since my posts above though WIndows hasn't locked up again, so maybe a few restarts fixed it. I'll post up again over the next few days if I have any further lockups.

Hi Marcos, no I unassigned that policy. Initially primarily as I didn't want servers auto updating. But in hindsight I think it's much safer not to have it

Though it seems disabling the Product Update setting / enabling Product Updates Pause has no effect anyway... I changed these policies earlier today. I've just installed ESET on a new Windows 10 build, installed as v10.1.2046. First thing it did was auto update to v11.0.2032. I've double checked the applied policies and there is no policy with Product Updates enabled. Gotta love it when ESET policies work as expected

Turns out only my personal office PC and notebook have so far upgraded. All 300 odd customer computers still on v10. To be safe I've selected the 'Pause Update' setting in policy. On my customers ESET PROTECT CLOUD server when setup I had removed the Common Features auto update policy. So probably explains why none of these have updated yet. I've now also disabled Product Update >v9 in policy. On my internal ESET PROTECT CLOUD server i did have the Common Features policy still applied, but only the 2 computers so far auto updated to v11. I've now removed this policy on this server also. Please let us know when this has been fixed. So far on my notebook I have had to force restart a couple of times. On my PC it seems to respond again after 5mins or so.

I'm seeing this also from yesterday on two computers that just auto upgraded to 11.0.2032.0. When it happens Windows is completely non responsive, can't even Ctl+Alt+Del to bring up Task Manager. Scrambling now to disable auto program updates on all my customer computers...

Update. So it looks like the users did manually download and install the v10 software. I guess they've seen the prompt about the installed version being end of life and taken the initiative... I'm surprised though being these are managed clients and password protected that they were able to do this? Is there a way we can block this from happening?

Sorry have been busy end of year and trying to go on leave, and customers the same. Yes these particular computers the users would have local admin rights, but can you actually manually download and run the installer if the client is managed and password protected? If you can wouldn't this break activation? I've never tried it so don't know. If it's possible then this might explain it, but unlikely as they would have contacted me before doing anything like this.

Hi Peter, That's not what's happening in my environment. I don't think any of my 9.0's have updated to 9.1, but I do have 7 computers that have auto updated to 10.0.2034.0. I'm right now manually pushing out 9.1.2060.0 to all clients re these EOL alerts.

Hi Marcos, all my managed computers across all customers have the same policy settings, only difference is the password. As of today, only around 5% have updated, and half a dozen have actually updated to the latest v10 release already. All with the same policy settings assigned. Most of them are still on v9.0 which I manually deployed a while back, any installed since then are still on the version they were installed as.