V2TW 3 Posted May 9, 2017 Share Posted May 9, 2017 (edited) As titled I have a customer saying some of their users are using Kaspersky Small Office Security installer to uninstall their password protected ESET Endpoint Security deployed to get around access restrictions. I have tested myself steps below: Steps. 1. Set an access password for Endpoint Security, either via policy or on the Endpoint. 2. Make sure access password is working by trying to uninstall Endpoint via Programs and Features applet, password prompt should appear. 3, Download Kaspersky Small Office Security 5: https://support.kaspersky.com/ksos5pc , run the installer, ESET Endpoint Security gets detected and fully uninstalled without user interaction(besides clicking next). Tested on Endpoint Security 6.5.2094, Wndows 7 There certainly seems to be some bypass that Kaspersky is using for the uninstall. Is there any way to prevent this? Edited May 9, 2017 by V2TW Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 430 Posted May 9, 2017 ESET Staff Share Posted May 9, 2017 Hello, thanks for reporting. We will check how this is done. It might happen, that Kaspersky is using some undocumented APIs, to remove ESET from the operating system. We will report back, once we have determined how the competitive solution works. Link to comment Share on other sites More sharing options...
Recommended Posts