mbublitz 1 Posted January 4, 2018 Share Posted January 4, 2018 I have seen discussions on the KB4056892 compatibility with ESET Anti-Virus AV, but what about the Eset File Security protection for Windows servers? Is there a registry change that needs to be applied to systems using this protection prior to doing the Microsoft Updates? If so, can someone explain what it is? Product version on the servers is 6.0.12035.0. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,250 Posted January 4, 2018 Administrators Share Posted January 4, 2018 We've added the necessary registry value on all Windows systems. However, to my best knowledge Microsoft has released a patch only for Windows 10 so far. Link to comment Share on other sites More sharing options...
mbublitz 1 Posted January 4, 2018 Author Share Posted January 4, 2018 https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution There are fixes for Windows Server as well. Can you confirm if the registry setting change is the same for the Eset File Security as it is for the Eset AV product for Workstations? Link to comment Share on other sites More sharing options...
SDS 0 Posted January 6, 2018 Share Posted January 6, 2018 (edited) I am also interested in the answer to this. I presently have ESET File Security for Windows Servers 6.4.n.n installed on a Windows 2008 R2 Server and after the recent windows update the system blue-screened (BSOD) on boot. Fortunately, I was able to get to a Command Prompt and recover using dism.exe /image:C:\ /cleanup-image /revertpendingactions. ESET do not appear to mention compatibility with their Server product range ?? I'm wondering whether I need to update to the new 6.5.n.n release or fall back to an the Endpoint Antivirus solution in order to be able to apply the Microsoft Patch successfully? One further question: is the ESET server product really only needed where a WIndows Server is acting as a Domain Controller, as we have a number of Windows Servers in our infrastructure but not all are domain controllers? Edited January 6, 2018 by SDS Text Updated Link to comment Share on other sites More sharing options...
PaulP 0 Posted January 11, 2018 Share Posted January 11, 2018 Us too please Our file server has ESET 6.5.12014.0 (just upgraded it and re started to be sure) and we do not yet have KB4056892 showing up as installed or available in windows update. Link to comment Share on other sites More sharing options...
itman 1,746 Posted January 11, 2018 Share Posted January 11, 2018 (edited) You can download the patch manually from the Win Catalog web site. After the patch has been applied and only applicable to Win Server OSes, you have to manually enable it as noted from an extract of the above posted Microsoft link: Quote Switch | Registry Settings To enable the fix reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization" /v MinVmVersionForCpuBasedMitigations /t REG_SZ /d "1.0" /f If this is a Hyper-V host and the firmware updates have been applied: fully shutdown all Virtual Machines (to enable the firmware related mitigation for VMs you have to have the firmware update applied on the host before the VM starts). Restart the server for changes to take effect. To disable this fix reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 3 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f Restart the server for the changes to take effect. (There is no need to change MinVmVersionForCpuBasedMitigations.) Edited January 11, 2018 by itman Link to comment Share on other sites More sharing options...
Recommended Posts