Jump to content

Endpoint Security Anti phishing non functional

cookieboy69

By cookieboy69
in ESET Endpoint Products

 Share

Recommended Posts

JChurchill

JChurchill 0

Posted
Posted
Just now, Marcos said:

As for the issues with Cerfix2 (1.0.0.3), we've found out the cause. It occurs with a specific version of EFSW on other than English systems. Another version of Certfix addressing the issue should be available within today.

We're seeing this on multiple English systems.

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

Ok, so that must have been misinformation that I got, another developer confirmed that the issue should be language independent. We're working on another version of Certfix that should eventually work also on machines where the current version is crashing.

Link to comment
Share on other sites
Mart

Mart 0

Posted
Posted
18 hours ago, Marcos said:

The current version of CertFix works only with the following versions:

Endpoint 6.5.2118, 6.5.2123, 6.5.2132
File/Mail Security 6.5.12017, 6.5.12018, 6.5.14026, 6.5.10057, 6.5.10059

The other versions were tricky to fix but we've managed it eventually. A fix for all v6.5 is being tested and should be available really soon.

Thanks Marcos. The new version of CertFix worked like a charm.

Link to comment
Share on other sites
alur

alur 1

Posted
Posted

We have been working without antivirus for 5 days, are you doing something with Endpoint version 5.0 or are you only working with version 6.5? I'm afraid that another couple of days and I will not have to restore the antivirus, but format the disks on the PC.

Link to comment
Share on other sites
Corbis

Corbis 1

Posted
Posted
1 hour ago, NoMayo said:

I'm waiting on the module update for the v5 systems.  I was able to upgrade about 25,000 of our endpoints to 5.0.2272.7 successfully

How did you do it? I don't believe you changed the dates on the computers.

I need some help here, all my systems are on 5.0.2265 EAV and cant make them work.

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

Tonight (CET) we are going to publish links to fixes for Endpoint v5. A bit later we plan to release also a fix that will be smaller in size and will download the appropriate installed of the latest v5 Endpoint instead of having it bundled.

Link to comment
Share on other sites
alur

alur 1

Posted
Posted (edited)
8 minutes ago, Marcos said:

Tonight (CET) we are going to publish links to fixes for Endpoint v5.

I really hope.

Edited by alur
Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

A fix for Endpoint v5 is available:

  English http://repository.eset.com/v1/com/eset/tools/certfix/v1/latest/eea_nt32_enu.exe http://repository.eset.com/v1/com/eset/tools/certfix/v1/latest/eea_nt64_enu.exe http://repository.eset.com/v1/com/eset/tools/certfix/v1/latest/ees_nt32_enu.exe http://repository.eset.com/v1/com/eset/tools/certfix/v1/latest/ees_nt64_enu.exe

Links are different for 32 and 64-bit systems and for ESET Endpoint Antivirus and ESET Endpoint Security. For other languages, change "enu" to the appropriate language code. When run on an affected system with Endpoint v5, it will upgrade it to the latest version 5.0.2272. After upgrade, it may be necessary to reboot the machine.

Link to comment
Share on other sites
NoMayo

NoMayo 1

Posted
Posted
12 minutes ago, Marcos said:

A fix for Endpoint v5 is available:

  English hxxp://repository.eset.com/v1/com/eset/tools/certfix/v1/latest/eea_nt32_enu.exe hxxp://repository.eset.com/v1/com/eset/tools/certfix/v1/latest/eea_nt64_enu.exe hxxp://repository.eset.com/v1/com/eset/tools/certfix/v1/latest/ees_nt32_enu.exe hxxp://repository.eset.com/v1/com/eset/tools/certfix/v1/latest/ees_nt64_enu.exe

Links are different for 32 and 64-bit systems and for ESET Endpoint Antivirus and ESET Endpoint Security. For other languages, change "enu" to the appropriate language code. When run on an affected system with Endpoint v5, it will upgrade it to the latest version 5.0.2272. After upgrade, it may be necessary to reboot the machine.

Will there be a v5 module push by ESET as part of normal updates that'll update existing systems from say 5.0.2260 to 5.0.2272 or do we need to do the patching/upgrades?

Link to comment
Share on other sites
rudyooms

rudyooms 1

Posted
Posted (edited)

And the other 6.5 versions? @Marcos

NIce to hear the v5 is fixed... but al our server with the 6.5 versions are still not working......

It is almost one week now...... maybe i am wrong but in my work when i tell clients to wait a week for a fix..... the guillotine will be put in place to cut off my head...

Where can we send the bill, all the extra off hours we have to put in to change the date/reboot/remove the piece of malware or upgrade it??

 

 

  


 
Edited by rudyooms
Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted
2 hours ago, NoMayo said:

Will there be a v5 module push by ESET as part of normal updates that'll update existing systems from say 5.0.2260 to 5.0.2272 or do we need to do the patching/upgrades?

We released Antivirus and antispyware module 1559.4 for v5 users who can still update and have an affected version installed as a staggered update yesterday and to all v5 users this morning at about 8:30 CET.

As for a PCU (program component update) to version 5.0.2272, a decision has not been made yet. PCUs were prone to issues since the product would need to be uninstall and new version installed from scratch which was not always successful. A mechanism for seamless upgrades to newer program versions is now incorporated in Endpoint v7.2 and we plan to take advantage of it for future upgrades (depending on how administrator configures program upgrades).

Link to comment
Share on other sites
Disgruntledtech

Disgruntledtech 0

Posted
Posted

we have a lot of pcs and a few servers still running 5.  Is there a way i can run a query somehow to figure out which PCs have a jacked up eset installation?  Some PCs are fine..i guess they didnt reboot.  I've come across 2 servers that i know have not been rebooted(checked uptime to make sure) yet the install is still screwed up on them.

Only 1 of my users has called me so far to let me know that they're seeing error messages from windows action center that AV is not installed.  I know i have a lot more users than that where the users just arent reporting or noticing their install is now bad.

We have way too many pcs/vms/servers for our team to go through them one at a time.

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted
13 minutes ago, Disgruntledtech said:

we have a lot of pcs and a few servers still running 5.  Is there a way i can run a query somehow to figure out which PCs have a jacked up eset installation?  Some PCs are fine..i guess they didnt reboot.  I've come across 2 servers that i know have not been rebooted(checked uptime to make sure) yet the install is still screwed up on them.

Only 1 of my users has called me so far to let me know that they're seeing error messages from windows action center that AV is not installed.  I know i have a lot more users than that where the users just arent reporting or noticing their install is now bad.

We have way too many pcs/vms/servers for our team to go through them one at a time.

Do you use ERAv5 or ESET Security Management Center to manage v5? Even in ERA v5 it's possible to create a custom package with the fix and push it to all clients. Even the cliets that are ok will be upgraded to the latest version v5 which was not affected by the issue.

Speaking about v5, we would like to hear from you all what are the main reasons for staying with v5 and not upgrading to the latest version v7.2 or 6.5 in case of older operating systems, such as Windows XP.  We understand that there may be various reasons, such as old hw, larger networks, etc. and do not force you into upgrade unless the products reach end of life.

Link to comment
Share on other sites
Disgruntledtech

Disgruntledtech 0

Posted
Posted
1 minute ago, Marcos said:

Do you use ERAv5 or ESET Security Management Center to manage v5? Even in ERA v5 it's possible to create a custom package with the fix and push it to all clients. Even the cliets that are ok will be upgraded to the latest version v5 which was not affected by the issue.

Speaking about v5, we would like to hear from you all what are the main reasons for staying with v5 and not upgrading to the latest version v7.2 or 6.5 in case of older operating systems, such as Windows XP.  We understand that there may be various reasons, such as old hw, larger networks, etc. and do not force you into upgrade unless the products reach their end of life.

Working in a 24/7 environment that doesn't have IT staffed around the clock.  Getting the OK to make users reboot, and rebooting the servers outside of windows update downtime is like pulling teeth.  If we dont force the users to reboot after the upgrade, then they wont.  We've been transitioning for a while now, but its a slow process.

 

For v5 we're using ERAv5.  We have no v6 at this point, so all of the rest of our clients are on v7 and we use eset management center for that.

Can you link me an article to create the custom package fix for ERA?  I've only created the initial default install so far.

 

 

Link to comment
Share on other sites
Cp3p0

Cp3p0 6

Posted
Posted

Hi guys,

Apologies If I'm replying on-top of anyone.

We have a considerably large customer running the affected v5.0xx Endpoint along side a 6.x ERA.
All version 5.x machines are updating from a v7.x File Security Mirror server.
I've read that the current update module version 1559.4 resolves the issue.

Two questions.

1) Is this module updated via Virus signature? Does the Mirror server need "Component Updates" enabled? 

2) Is there any clear way to confirm that the affected machines have received this update via the ERA

Before we push out a later product installer, we want to absolutely confirm these machines are ready.

Before anyone suggest checking on the endpoint itself, It's not really possible to check the hundreds of machines locally.

Thank you

Link to comment
Share on other sites
mogobjah

mogobjah 0

Posted
Posted (edited)
On 2/12/2020 at 2:12 AM, Marcos said:

There should be also v6.5 installers available for those with Windows XP and Windows Server 2003 who cannot upgrade to a newer version.

Are the new (fixed) v6.5 installers for ESET file security available? Kindly share the download links here. If NO, please provide ETA.

Edited by mogobjah
Link to comment
Share on other sites
cookieboy

cookieboy 5

Posted
Posted
3 hours ago, mogobjah said:

Are the new (fixed) v6.5 installers for ESET file security available? Kindly share the download links here. If NO, please provide ETA.

EES:
hxxp://repository.eset.com/v1/com/eset/apps/business/ees/windows/v6/6.5.2132.5/ees_nt32_enu.msi
hxxp://repository.eset.com/v1/com/eset/apps/business/ees/windows/v6/6.5.2132.5/ees_nt64_enu.msi

EEA:
hxxp://repository.eset.com/v1/com/eset/apps/business/eea/windows/v6/6.5.2132.5/eea_nt32_enu.msi
hxxp://repository.eset.com/v1/com/eset/apps/business/eea/windows/v6/6.5.2132.5/eea_nt64_enu.msi

Link to comment
Share on other sites
  • ESET Staff
MichalJ

MichalJ 434

Posted
  • ESET Staff
Posted
5 hours ago, mogobjah said:

Are the new (fixed) v6.5 installers for ESET file security available? Kindly share the download links here. If NO, please provide ETA.

Link to comment
Share on other sites
Piter

Piter 0

Posted
Posted (edited)
12 hours ago, Disgruntledtech said:

For v5 we're using ERAv5.  We have no v6 at this point, so all of the rest of our clients are on v7 and we use eset management center for that.

Can you link me an article to create the custom package fix for ERA?  I've only created the initial default install so far.

I also don't know how to do this - package manager in ERA5 doesn't recognize this fix as ESET installation file. 

EDIT : my mistake - in Package Manager you have to pick "Custom package" instead of "ESET security products for Windows".

Edited by Piter
Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

Should remote install fail, make sure that the maximum size of installation packages is set to 150 or more MB via a policy. Some older versions had a limit of 100 MB which is not enough.

image.png

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...