Kaspersky Small Office Security is able to fully uninstall password-protected ESET Endpoint Security

[V2TW 3]

As titled I have a customer saying some of their users are using Kaspersky Small Office Security installer to uninstall their password protected ESET Endpoint Security deployed to get around access restrictions. I have tested myself steps below:

Steps.

1. Set an access password for Endpoint Security, either via policy or on the Endpoint.

2. Make sure access password is working by trying to uninstall Endpoint via Programs and Features applet, password prompt should appear.

3, Download Kaspersky Small Office Security 5: https://support.kaspersky.com/ksos5pc , run the installer, ESET Endpoint Security gets detected and fully uninstalled without user interaction(besides clicking next).

Tested on Endpoint Security 6.5.2094, Wndows 7

There certainly seems to be some bypass that Kaspersky is using for the uninstall. Is there any way to prevent this?

Edited May 9, 2017 by V2TW

[MichalJ 434]

Hello, thanks for reporting. We will check how this is done. It might happen, that Kaspersky is using some undocumented APIs, to remove ESET from the operating system. We will report back, once we have determined how the competitive solution works.