Eset product compatibility with meltdown fix

[ludolf 2]

Hello

To install this update, compatible antivirus has to be installed on the computers.

https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892
Due to an issue with some versions of Anti-Virus software, this fix is only being made applicable to the machines where the Anti virus ISV has updated the ALLOW REGKEY.

Contact your Anti-Virus AV to confirm that their software is compatible and have set the following  REGKEY on the machine
Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"
Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"
Type="REG_DWORD”
Data="0x00000000”

 

Where can we find the list of compatible products? Only found information regarding NOD32 antivirus.

thanks,
Vilmos

 

 

 

[MichalJ 330]

Hello, this issue has been addressed by a module update, which was released today at 7:45 CET.

Search for "Antivirus & Antispyware module 1533.3" within your product (help and support / about eset endpoint security / installed components).

 

[adpoliak 0]

I just sync'd my local update mirror (through definitions update 16682) and see no PCU files, nor do I see a newer release listed in the EEA 5 download page.

Will EEA 5.0.2271.0 receive a similar update for KB4056898 on Windows 8.1?

EDIT: Local workstation just upgraded to module version "1533.3 (20180104)"--answering my question. Leaving post as confirmation for others.

[PleaseClarify 0]

Hello

Please could you clarify expected results on this? On a number of systems with ESET File Security I can see that the module you quoted is in place. The registry key is also in place, but it is not clear if it is the presence of the key that is important or whether ESET is supposed to update the value, say from 0 to 1.

Is the presence of the key with value 0 enough, or should the ESET product be updating the key?

None of the installed systems are showing available updates with the key set to 0.

Thanks!

[ludolf 2]

Thanks!

[Marcos 2,908]

3 hours ago, PleaseClarify said:

Is the presence of the key with value 0 enough, or should the ESET product be updating the key?

Please read the initial post in this topic. Microsoft instructs AV vendors to create / set the Data value to 0 if their product is compatible with January Windows updates / patches.

[PhilS 0]

Are old versions of ESET/NOD32 compatible? Reason I ask is we have some clients that are no longer using it but the agent was left installed due to uninstallation issues we have yet to be able to resolve. I'd like to release their ability to get the updates by changing the registry key but I wasn't sure if previous versions are compatible with the 2018-01 MS updates. I'm presuming they are since it seems the change identified for your new version is simply the registry modification.

[Aryeh Goretsky 297]

Hello,

The module was released to all ESET users.  As long as your clients are downloading updates they should have received it and be good to do.  Here is an ESET knowledgebase article explaining how to check the versions of the various modules used in the software:  https://support.eset.com/kb3212/

Regards,

Aryeh Goretsky

8 hours ago, PhilS said:

Are old versions of ESET/NOD32 compatible? Reason I ask is we have some clients that are no longer using it but the agent was left installed due to uninstallation issues we have yet to be able to resolve. I'd like to release their ability to get the updates by changing the registry key but I wasn't sure if previous versions are compatible with the 2018-01 MS updates. I'm presuming they are since it seems the change identified for your new version is simply the registry modification.

 

[Marcos 2,908]

Quote

Reason I ask is we have some clients that are no longer using it but the agent was left installed due to uninstallation issues we have yet to be able to resolve.

If only ERA agent was left installed (ie. Endpoint is not installed any more), the registry won't be modified. It's a module used by Endpoint which performs the modification.

If you are having issues uninstalling ESET, feel free to contact our customer care. You can also create a new topic in our forum and ask for assistance. I'm also very interested in knowing what made those users remove ESET. Was it due to some issues that the users ran into?

[PhilS 0]

6 hours ago, Marcos said:

If only ERA agent was left installed (ie. Endpoint is not installed any more), the registry won't be modified. It's a module used by Endpoint which performs the modification.

If you are having issues uninstalling ESET, feel free to contact our customer care. You can also create a new topic in our forum and ask for assistance. I'm also very interested in knowing what made those users remove ESET. Was it due to some issues that the users ran into?

Sorry I should clarify... I'm not familiar with ESET. The product was on its way out of our company when I started, so I can't say one way or another. But it should be stated that I don't know the first thing about it other than being asked to remove it. I believe it was just a business decision there were no functionality complaints I am aware of.

That being said I wanted to clarify my question, when I search machines that have it installed via our LabTech installation, I'm seeing both ESET Endpoint AV and ESET NOD32 installed. Meaning those are still there. The question I'm asking is if I manually change the registry key to allow the 2018-01 MS updates, will ESET apps running on those machines cause the bluescreens/no boot situation described in some of the MS articles?

Basically the only reason for the reg key is to prevent the update from running on a machine that has AV that could cause bluescreen/no boot situations because it is addressing the CPU/memory in such a way that will cause these errors after the MS update is applied. Worded in another way, Webroot told us day 1: "We don't have a patch to change the registry key, but our product is already compatible with the updates, so please manually change the registry key and get updated". The crux of my question is whether or not the same is true with ESET.

[Marcos 2,908]

If ESET is installed properly, installing the MS updates should not cause any issues. However, if the registry value allowing the updates was not created because of ESET being in a weird state for instance, it's hard to tell what could happen after installing the updates. Personally I don't expect any issues, however, but who knows.

If you are unable to uninstall ESET, try using the Uninstall tool in safe mode.

I'm afraid that the move to Webroot was not smart. Just the fact that they are unable to make a simple registry change via a module update and require users to add the registry key manually doesn't show them in good light . On the contrary, ESET responded immediately to the announcement from Microsoft and prepared, tested and released the appropriate module update within a couple of hours. I'd like to bring into your attention a whitepaper describing ESET's multilayer protection technology: https://cdn1-prodint.esetstatic.com/ESET/US/docs/about/ESET-Technology-Whitepaper.pdf. Within the next few months we will be introducing new and improved products for enterprise, SMB and MSP users, such ESET Enterprise Inspector (a solution that focus on detecting, investigating, and mitigating suspicious activities and issues on hosts and endpoints), ESET Threat Intelligence (provides access to our threat intelligence data to enterprise users, e.g. to botnet reports, targeted phishing reports, certificate reports, etc.), new Endpoint security solutions with new threat detection and response technologies, a new security management tool with cloud support, etc. We have a lot to offer to both small, medium--size and even big enterprise customers and I believe that the company you work for will return to ESET in the future.

[Huolsam 0]

Hi,

im using Eset Antivirus 10.1.219.1, also the key "cadca5fe-87d3-4b96-b7fb-a231484277cc" is already set in 0x00000000.

can i run the new microsoft updates without problems ??

[Marcos 2,908]

11 minutes ago, Huolsam said:

can i run the new microsoft updates without problems ??

We don't know what OS you use. It appears that on Windows 7 quite a lot of users got BSOD after installing the update.

[Huolsam 0]

36 minutes ago, Marcos said:

We don't know what OS you use. It appears that on Windows 7 quite a lot of users got BSOD after installing the update.

Windows 10 v1709 (16299.98)

[itman 655]

1 hour ago, Marcos said:

It appears that on Windows 7 quite a lot of users got BSOD after installing the update

Most were users w/AMD processors installed. Microsoft has since pulled the update for like users for Win 7.

[Huolsam 0]

so is eset will make problems with new microsoft updates or no ??

[rekun 31]

No, Eset won't make any issues with the update. You don't have to do anything. 

[Huolsam 0]

19 minutes ago, rekun said:

No, Eset won't make any issues with the update. You don't have to do anything. 

Okay thanks ^^ i will update the system this night