Changelog for ESET11


0xDEADBEEF

Glad to see that ESET11 is finally available in multiple languages. Just wondering what the fundamental changes are compared to v10 (for both detection techniques and perhaps low-level architecture/engineering)? Also, can someone elaborate more on the UEFI scan/protect mechanism that was mentioned in the blog several days ago?

23 minutes ago, itman said:

Did you see this: https://support.eset.com/kb6564/#UEFIScanner ?

Until Eset updates their existing "Eset Technologies" documentation, I believe this will be the most detailed info available on the UEFI BIOS detection scanner.

hmm didn't find this page. Thanks for the info!

But just wondering if the UEFI scan will be subject to some hijack: since the firmware itself lies at a lower level, will it be able to simply return the fake "normal" firmware?

Would not be surprised if Eset's UEFI BIOS scanner is based on a tool developed by Intel Security. You can read about that here: https://www.scmagazineuk.com/intel-security-responds-to-efi-rootkit-malware-updates-detection-tool/article/643799/ .

Intel released it as open source and it is loaded on GitHub as part of Chipsec: https://github.com/chipsec/chipsec . Chipsec documentation here: https://github.com/chipsec/chipsec/blob/master/chipsec-manual.pdf

Warning: Don't fool around with Chipsec on anything other than a test PC, and thoroughly read all warnings associated with the software.

7 hours ago, itman said:

Would not be surprised if Eset's UEFI BIOS scanner is based on a tool developed by Intel Security. You can read about that here: https://www.scmagazineuk.com/intel-security-responds-to-efi-rootkit-malware-updates-detection-tool/article/643799/ .

Intel released it as open source and it is loaded on GitHub as part of Chipsec: https://github.com/chipsec/chipsec . Chipsec documentation here: https://github.com/chipsec/chipsec/blob/master/chipsec-manual.pdf

Warning: Don't fool around with Chipsec on anything other than a test PC, and thoroughly read all warnings associated with the software.

Yes, I also saw this when reading ESET's blog post. Just not sure what the limitation will be using this technique.

  • Administrators
8 hours ago, itman said:

Would not be surprised if Eset's UEFI BIOS scanner is based on a tool developed by Intel Security. You can read about that here: https://www.scmagazineuk.com/intel-security-responds-to-efi-rootkit-malware-updates-detection-tool/article/643799/ .

I can confirm that we do not use any third-party software to scan UEFI. It's a feature fully developed by ESET.

This topic is now closed to further replies.