Jump to content

Archived

This topic is now archived and is closed to further replies.

cookieboy69

Endpoint Security Anti phishing non functional

Recommended Posts

All we need now is some ransomware to be released and the majority of ESET protected machines that have no fix and cannot update or un-install will be infected... Tell me im wrong...!!!!! If this is not a serious as it comes for a security product i don't know what is. I have several companies I support ringing asking if they are secure, and I have to say no, but we are waiting on a fix. Most are now asking if we can change product....!!!!!!

Share this post


Link to post
Share on other sites

I'm happy to say that the issue seems to be resolved on the PCs I've made a test run on. Furthermore, on Windows Server 2003 AD, it suffices to create a new gpo with a startup script the fix file itself, provided that the file is placed in files section of the gpo. It ran via group policy without issues on 3 systems, so I'm now deploying globally. Will let you know how that goes.

Share this post


Link to post
Share on other sites

Have you released a 6.5 Endpoint Security installer which has the bug fixed yet?

Share this post


Link to post
Share on other sites

Hello, I have version 6.5.12014.1 EFSW what I do? I restart server. Antyvirus not working.

Share this post


Link to post
Share on other sites

Hello, when is the patch for Endpoint 5.0 expected ?

Share this post


Link to post
Share on other sites
22 minutes ago, alur said:

Hello, when is the patch for Endpoint 5.0 expected ?

A fix for Endpoint v5 will be ready within today for most common language versions. It will install the latest version of Endpoint 5.0.2271 which is not affected on already malfunctioning systems.

If you don't have many machines affected, you could do the following:
- temporarily shift the date to Feb 7 or earlier
- reboot the machine
- ESET should load alright. Uninstall it and reboot the machine.
- If you don't have old systems with Windows XP, install the latest version 7.2, otherwise download and install 5.0.2271. If you have Windows XP, we're going to publish v6.5 with the issue fixed, upgrade from 5.0.2271 to it when available.
- You can stay with Endpoint v5.0.2271 if you cannot afford to upgrade to newer versions for whatever reason, however, please take into account that Endpoint v5 is approaching End Of Life and it cannot provide as good and effective protection against current malware as v7+ does.

Share this post


Link to post
Share on other sites

Has anyone tried pushing this out via SCCM yet?  Also, are there any negative effects if apply the fix to machines that don't need it (specifically, other versions)?  

Share this post


Link to post
Share on other sites

In large network you can use some software like https://www.exemsi.com/

to convert EXE to MSI file and install in by Software install task.

We test it and it is working find , just set to run certfix.exe after installation.

 

Share this post


Link to post
Share on other sites
1 hour ago, Marcos said:

A fix for Endpoint v5 will be ready within today for most common language versions. It will install the latest version of Endpoint 5.0.2271 which is not affected on already malfunctioning systems.

If you don't have many machines affected, you could do the following:
- temporarily shift the date to Feb 7 or earlier
- reboot the machine
- ESET should load alright. Uninstall it and reboot the machine.
- If you don't have old systems with Windows XP, install the latest version 7.2, otherwise download and install 5.0.2271. If you have Windows XP, we're going to publish v6.5 with the issue fixed, upgrade from 5.0.2271 to it when available.
- You can stay with Endpoint v5.0.2271 if you cannot afford to upgrade to newer versions for whatever reason, however, please take into account that Endpoint v5 is approaching End Of Life and it cannot provide as good and effective protection against current malware as v7+ does.

For XP 6.5.2132 is now working find with current patch.

is 6.5.2132 supported to WinXP ?

 

Official version for windows XP is

Business Products: Version 6.5.2118.x  that can be patched right now.

Share this post


Link to post
Share on other sites
3 hours ago, andyuni said:

im currently on version 6.5.2094.0 and currently over 200 pcs are having issues with this bug, do you have a patch for this version that will resolve all the machines?? it isnt letting me uninsall the eset software as well. 

 

ps. iv already tried the patches available and they do not work.

 

Share this post


Link to post
Share on other sites
1 hour ago, andyuni said:

im currently on version 6.5.2094.0 and currently over 200 pcs are having issues with this bug, do you have a patch for this version that will resolve all the machines?? it isnt letting me uninsall the eset software as well. 

 

ps. iv already tried the patches available and they do not work.

Same problem here, we have version 6.5.2094 and the fix do not work.

Share this post


Link to post
Share on other sites
1 hour ago, andyuni said:

 

you can send a Run Command task with this command :

date 01-02-2020 & Shutdown /r /f

then after restart send upgrade task for clients.

you must temporary disable Date sync and Be sure that Date not sync after restart with AD.

 

Share this post


Link to post
Share on other sites

Thanks! Ran the EXE using our remote management system (Labtech), all but two servers responded to the fix immediately.

Share this post


Link to post
Share on other sites

Update (Feb 11, 17:00 CET):
The Update module 1074.2 is currently on the pre-release update channel and fixes the issue for any v6.5 products on machines that have not been restarted yet and the product is in working state (ie. update and protection works). We plan to release the module for all users in an hour (18:00 CET).

Share this post


Link to post
Share on other sites

Thank you for all your help, I was wondering when fix file will be available for 6.5.2107.1 version?

Share this post


Link to post
Share on other sites
57 minutes ago, Marcos said:

Update (Feb 11, 17:00 CET):
The Loader module 1074.2 is currently on the pre-release update channel and fixes the issue for any v6.5 products on machines that have not been restarted yet and the product is in working state (ie. update and protection works). We plan to release the module for all users in an hour (18:00 CET).

1074.2 Pre-release solved 6.5.2132 Issue.

So if date change to 06-02-2020 and then AV update , problem will solve completely in v6.5 with out fixtool.

Share this post


Link to post
Share on other sites

Where you can download the patch for version 5, the third day without protection, this is serious.
I waited at
18:00 CET but I do not see the links

Share this post


Link to post
Share on other sites
9 hours ago, Noel Allan said:

All we need now is some ransomware to be released and the majority of ESET protected machines that have no fix and cannot update or un-install will be infected... Tell me im wrong...!!!!! If this is not a serious as it comes for a security product i don't know what is. I have several companies I support ringing asking if they are secure, and I have to say no, but we are waiting on a fix. Most are now asking if we can change product....!!!!!!

We have released a new version of the Update module which fixes the issue for all affected v6.5 users that can update. If ransomware is of concern, I'd like to mention that affected products do not have Ransomware shield and other advanced protection mechanisms to protect from current malware. Ransomware shield was first added in versions that were not affected by the issue, in particualar Endpoint 6.6 and in Endpoint 7 it has been improved and other protection layers were added as well, such as advanced machine learning, deep behavior blocker, protected service, AMSI and script scanners, etc.

Tomorrow we expect an ultimate solution to be ready for everyone who was affected, including Endpoint v5. After fixing the issue we recommend to upgrade to the latest version 7.2 wherever possible. There should be also v6.5 installers available for those with Windows XP and Windows Server 2003 who cannot upgrade to a newer version.

Share this post


Link to post
Share on other sites
16 minutes ago, alur said:

Where you can download the patch for version 5, the third day without protection, this is serious.
I waited at 18-00 but I do not see the links

We are still working on a fix for Endpoint v5. Besides mechanisms that we had to incorporate into it, the fix will install upgrade Endpoint v5 to the latest version that is not affected by the issue, ie. v5.0.2271. Endpoint v5 is about to reach End Of Life towards December 2020, ie. further engine updates will not be guaranteed then.

If you don't have many machines in the network, you can fix it relatively quickly as follows:

1, Ideal case when you don't need to stay with Endpoint v5 and want to be protected to the maximum extent against current threats:
- Set the system date to Feb 7 or earlier
- Reboot the machine
- Uninstall Endpoint v5
- Set a correct system date
- Install Endpoint v7.2 (contains Ransomware Shield, Advanced machine learning, Deep behavior inspection, AMSI and script scanners, streamed updates, etc.)

2, If you cannot upgrade to Endpoint v7.2 for a good reason:
- Set the system date to Feb 7 or earlier
- Reboot the machine
- Uninstall Endpoint v5
- Set a correct system date
- Install Endpoint 5.0.2271

Share this post


Link to post
Share on other sites
1 minute ago, Marcos said:

We are still working on a fix for Endpoint v5. Besides mechanisms that we had to incorporate into it, the fix will install upgrade Endpoint v5 to the latest version that is not affected by the issue, ie. v5.0.2271. Endpoint v5 is about to reach End Of Life towards December 2020, ie. further engine updates will not be guaranteed then.

 is still time until December 2020.
Version 5.0 is good, easy, understandable and the ERA server is excellent.

Share this post


Link to post
Share on other sites
2 hours ago, Marcos said:

We have released a new version of the Loader module which fixes the issue for all affected v6.5 users that can update. If ransomware is of concern, I'd like to mention that affected products do not have Ransomware shield and other advanced protection mechanisms to protect from current malware. Ransomware shield was first added in versions that were not affected by the issue, in particualar Endpoint 6.6 and in Endpoint 7 it has been improved and other protection layers were added as well, such as advanced machine learning, deep behavior blocker, protected service, AMSI and script scanners, etc.

Tomorrow we expect an ultimate solution to be ready for everyone who was affected, including Endpoint v5. After fixing the issue we recommend to upgrade to the latest version 7.2 wherever possible. There should be also v6.5 installers available for those with Windows XP and Windows Server 2003 who cannot upgrade to a newer version.

Where is the link to this download...? Multiple people have rebooted there pc's over the last 3 days. Will the fix clear up their issues also...? It is 3 days now....!!!!!

Share this post


Link to post
Share on other sites
I changed the date and time
And I updated the 20823 update number
But there is still the problem
version 6.5.2107.1

Share this post


Link to post
Share on other sites
11 minutes ago, persianmcse said:
I changed the date and time
And I updated the 20823 update number
But there is still the problem
version 6.5.2107.1

20824 - With loader 1074.2  is work fine.

Open C:\Program Files\ESET\ESET Endpoint Security\em000_32.dat  with notepad and check file version. if it is 1074.2 issue must be solved.

Share this post


Link to post
Share on other sites
41 minutes ago, kamiran.asia said:

20824 - With loader 1074.2  is work fine.

Where do you find this Loader at?

Share this post


Link to post
Share on other sites
35 minutes ago, AustinM. said:

Where do you find this Loader at?

It's on update servers, it's called Update module. Note that the module is intended for machines that have not been restarted after Feb 7, otherwise Endpoint will not be able to update the module. Currently a quick fix for smaller networks is by temporarily changing the system date to Feb 7 or earlier, rebooting the machine, updating modules and then changing the system date to a correct one. Tomorrow (Feb 12)  we should have a fix that will need to be run on already affected machines where temporarily changing the system date is not an acceptable solution because of the size of the network or whatever.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...