mbublitz

ESET File Security for Windows Servers and KB4056892

Recommended Posts

I have seen discussions on the KB4056892 compatibility with ESET Anti-Virus AV, but what about the Eset File Security protection for Windows servers?  Is there a registry change that needs to be applied to systems using this protection prior to doing the Microsoft Updates?  If so, can someone explain what it is?

Product version on the servers is 6.0.12035.0.

Share this post


Link to post
Share on other sites

We've added the necessary registry value on all Windows systems. However, to my best knowledge Microsoft has released a patch only for Windows 10 so far.

Share this post


Link to post
Share on other sites
Posted (edited)

I am also interested in the answer to this.  I presently have ESET File Security for Windows Servers 6.4.n.n installed on a Windows 2008 R2 Server and after the recent windows update the system blue-screened (BSOD) on boot. 

Fortunately, I was able to get to a Command Prompt and recover using dism.exe /image:C:\ /cleanup-image /revertpendingactions.

ESET do not appear to mention compatibility with their Server product range ?? I'm wondering whether I need to update to the new 6.5.n.n release or fall back to an the Endpoint Antivirus solution in order to be able to apply the Microsoft Patch successfully? 

One further question: is the ESET server product really only needed where a WIndows Server is acting as a Domain Controller, as we have a number of Windows Servers in our infrastructure but not all are domain controllers?

Edited by SDS
Text Updated

Share this post


Link to post
Share on other sites

Us too please

Our file server has ESET 6.5.12014.0 (just upgraded it and re started to be sure) and we do not yet have KB4056892 showing up as installed or available in windows update.

Share this post


Link to post
Share on other sites

You can download the patch manually from the Win Catalog web site. After the patch has been applied and only applicable to Win Server OSes, you have to manually enable it as noted from an extract of the above posted Microsoft link:
 

Quote

Switch | Registry Settings

To enable the fix

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /f

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization" /v MinVmVersionForCpuBasedMitigations /t REG_SZ /d "1.0" /f

If this is a Hyper-V host and the firmware updates have been applied: fully shutdown all Virtual Machines (to enable the firmware related mitigation for VMs you have to have the firmware update applied on the host before the VM starts).

Restart the server for changes to take effect.

To disable this fix

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 3 /f

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

Restart the server for the changes to take effect.

(There is no need to change MinVmVersionForCpuBasedMitigations.)

 

Edited by itman

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.