First US-CERT issuing a warning to ESET. Now this. Yes ESET is vulnerable. https://cybellum.com/doubleagent-taking-full-control-antivirus/
Why the hell isn't ESET things that are recommended by Microsoft?
1, In order to inject a fake verifier dll, one would have to modify values for ekrn.exe and egui.exe under IFEO but these have been protected by self-defense since v4.2.
2, We are aware that some non-crucial processes are not currently protected by self-defense, however, in order to modify the registry an attacker would have to gain admin rights. Even if that happened, it wouldn't make much sense to spend time injecting a malicious dll into an unprotected less important process just to disa