ESET 6.7.500.0 and 10.14 Mojave TCC issue)

[karlmikaeloskar 6]

Hi!

Seems like if I

1. deploy profiles whitelisting Eset Agent, EEA and the kext
2. install EEA using the agent
3. wait for the "Your computer is not fully protected" alert
4. just click the red x to close the alert window instead of choosing restart or "Open system Preferences" the applications works as intended. I just tested once but this is what I found.

[THahnke 0]

Hi @karlmikaeloskar,

Does the "Your computer is not fully protected"  alert re-appear on reboot?

[TomasP 316]

Hello,

Thanks everyone for providing your feedback. We have a new build ready in which we changed detection of granted FDA to EES.

I will be contacting you privately with the download link.

Regards,
Tomas

[brandobot 2]

32 minutes ago, TomasP said:

Hello,

Thanks everyone for providing your feedback. We have a new build ready in which we changed detection of granted FDA to EES.

I will be contacting you privately with the download link.

Regards,
Tomas

Just installed this new version. No pop-up once installed. I used my existing TCC exclusion profile. I will continue monitoring to make sure no other unexpected behavior pops up.

[THahnke 0]

@TomasP,

I Installed the new beta build on our test machines. I used the existing profile to allow ESET access and I have not received a pop-up prompting for access. Thank you for you help

[Beatlemike 0]

I've also installed it on two test machines and no popups... I did get a message that the agent is not optimized, but TCC is no longer an issue.

 

[JetPants 1]

@TomasP,

 

I am working on the same PPPC/TCC issues at my institution and would like to get a beta version, however we are using EEA.  Is this still possible?

Edited December 7, 2018 by JetPants

[andrew.nicholas 0]

Is there any date on when this might be published as a production release? 

[TomasP 316]

Thank you all for your valuable testing and feedback, I will update our development team with your findings.

@JetPants I will contact you via a personal message.

@andrew.nicholas No date has been set yet, please watch https://support.eset.com/news/ for release announcements (you can also subscribe to receive email updates from the feed).

UPDATE: The release is preliminarily scheduled for January 2019.

[JetPants 1]

The Beta installer also resolved the PPPC/TCC issues.  I was able to successfully stage a ESET Full Disk Access whitelist, and thus keep a popup from asking a user to allow FDA....Thanks for the help!

[brandobot 2]

Thanks for your help @TomasP Looking forward to the future release as the current 6.7 is not deployable with the current issue.

[ondrish 0]

Hi Everyone, 

Im trying to create a push or download profile in Profile Manager that will allow Full Disk Access for EES/EEA. I have used PPC utility to get all data for the plist, but tcc is not changed once the settings are pushed. Could anyone please share their config profile that is working for them? I must be doing something wrong but can't figure out what exactly. 

Thank you

[JetPants 1]

@ondrish, it was less an issue of the Config profile not working, and more an issue with the version of the ESET client.  @TomasP provided me with a new client that did honor the Full Disk access whitelist.  Hope this helps.

Edited December 27, 2018 by JetPants

[SysEPr 4]

I'm having the same issue. @TomasP is it possible to send me the beta build as well?

[Peter Randziak 1,130]

Hello @SysEPr,

I have send it to you few moments ago via a PM.

Regards, Peter

[Nathan Fishback 0]

Hello @TomasP/@Peter Randziak.  I'm also running into the issue of full disk access for EEA 6.7.500.  Could I request a "Fixed" version of the app as well?  It would be much appreciated.

Edited January 8, 2019 by Nathan Fishback

[Glaucus 0]

Hello @TomasP and @Peter Randziak - we, too, are running into the same issue with ESET's interaction with the TCC profiles at our institution. Would you be able to forward the beta client to me, as well? Thanks.

[Peter Randziak 1,130]

Hello @Nathan Fishback and @Glaucus,

sure, will send you the details in few minutes via private messages.

Regards, P.R.

[andrew.nicholas 0]

@TomasP and @Peter Randziak is there any updated time frame for when the stable release will be made available?

[TomasP 316]

Hi @andrew.nicholas,

We expect it to be released no later than in the upcoming few days.

T.

[AlexW 2]

Hi everyone,

build 6.7.600.0 was released on Jan 10 and is available on our websites, and the pkg installer can be downloaded from the KB article https://support.eset.com/kb7026/

Please let us know should any of the issues persist even with this build.

Thank you.

Alex.

[Nick M 3]

@AlexW, Endpoint Antivirus 6.7.600.0 has been available for about a week, as you mentioned. So it predates the recent posts in this thread. Do you mean that a new version of 6.7.600.0 is available (with no version number change), which fixes the full disk access issue that @TomasP was talking about a couple of days ago? In that case, can we continue using preexisting client software install tasks that are set to use that version number, or do we need to recreate them?

 

Thanks for your help!

[TomasP 316]

@Nick M, my last post in this thread was on January 9. The release happened on January 10.

All the previous posts from earlier this month and from December were referencing the build released on January 10.

The build does not predate any posts in the thread.

[Nick M 3]

Ah, apologies for my apparent total inability to correctly read dates. Don't know what happened there.

 

I just pushed Endpoint Antivirus 6.7.600.0 using a client software install task, and the client machine still showed a popup asking for full disk access (screenshot attached here). This is the second install of this build that I've done, with the same behavior.

[Glaucus 0]

Hi @Nick M - just talking as just another enterprise user here, but there's no way for ESET or other developers to avoid these prompts asking for Full Disk Access, if this access is needed by the application, due to the new Privacy Preferences Policy Control (PPPC) system that Apple has included in Mojave.

The only way for an enterprise to avoid these notifications is using a PPPC configuration profile deployed via an approved MDM solution which whitelists specific permissions for ESET and other applications. Rich Trouton has a good introduction to these new permissions and the requirements around them here: https://derflounder.wordpress.com/2018/08/31/creating-privacy-preferences-policy-control-profiles-for-macos/

What version 6.7.600.0 of ESET Endpoint Antivirus resolves is the application honoring these PPPC config profiles when present on the system. Version 6.7. 500.0 prompted for Full Disk Access, even when the appropriate permission was granted by one of these profiles. This newer version, at least in our environment using JAMF Pro as our MDM, now launches correctly without the prompt for Full Disk Access.

Edited January 17, 2019 by Glaucus