Parsh 0 Posted March 18, 2020 Posted March 18, 2020 (edited) I updated to the latest version yesterday. Besides the mentioned changes and the new provisions in the Detection Engine, I can see that the option to disable "Access Setup >> Require full administrator rights..." has been removed from the GUI and subsequently from the config file ---> <ITEM NAME="EKRN_CFG"> ... <NODE NAME="RequireElevation" TYPE="number" VALUE="0" /> Now, the user has to answer UAC prompts everytime when saving a rule through (interactive) Firewall alerts. Not the same for HIPS alert, as expected from earlier behavior. Is that it or there's a workaround? Kindly let know. Thank you. Edited March 22, 2020 by Parsh
Administrators Marcos 5,458 Posted March 18, 2020 Administrators Posted March 18, 2020 That is correct, the option has been removed for security reasons. There is no workaround for that.
jameslevalaisan 0 Posted March 22, 2020 Posted March 22, 2020 Hi, I can understand that this option has been removed (for limited user) but on my computers on windows10 where I am the unique and administrator user, Eset prompts UAC. So it's very anoying, how can I do to stop that.
jameslevalaisan 0 Posted March 22, 2020 Posted March 22, 2020 Hi, I understand that you remove this option for security reasons but it's very anyoning if the user are in interactive mode. By the way , I don't understand why I have UAC alert on my two computers (on Windows 10 pro) where I am the unique user with administrator rules. Could you help me please?
Administrators Marcos 5,458 Posted March 22, 2020 Administrators Posted March 22, 2020 There is no way to avoid it. Actions requiring administrator permissions require UAC elevation / confirmation.
itman 1,803 Posted March 22, 2020 Posted March 22, 2020 2 hours ago, jameslevalaisan said: but on my computers on windows10 where I am the unique and administrator user, Actually, you run as a limited admin and Windows prompts via UAC when full admin privileges are required. Also in Win 10, you can't log on as full admin since Microsoft removed the account on the Home versions. You can create a standard user account and log on under that. You won't get any UAC alerts since anything requiring admin privileges will be automatically blocked. This includes Eset GUI modifications.
jameslevalaisan 0 Posted March 22, 2020 Posted March 22, 2020 Ok. So in this case, please don't remove this option. There is a lot of other dangerous options in your software. Add at least an option to avoid Eset asking administrator privilege for add a rules (which is not more secure than alow user to accept the request without add a rules).
jameslevalaisan 0 Posted March 22, 2020 Posted March 22, 2020 17 minutes ago, itman said: since Microsoft removed the account on the Home versions. But I write that I'm using a pro version of windows 10. You cut this word from your quote !
AGH1965 12 Posted March 22, 2020 Posted March 22, 2020 2 hours ago, itman said: You can create a standard user account and log on under that. You won't get any UAC alerts since anything requiring admin privileges will be automatically blocked. This includes Eset GUI modifications. I always log on using a standard user account and I'm used to fill in the password of the adminstrator account when an UAC dialog appears. Are you saying that this isn't possible anymore?
itman 1,803 Posted March 22, 2020 Posted March 22, 2020 (edited) 2 hours ago, jameslevalaisan said: But I write that I'm using a pro version of windows 10. You cut this word from your quote ! You can disable admin approval mode for the built-in default admin account via Group Policy: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account . Note: doing this puts you at considerable risk since no UAC alerts will be displayed. If a APT attacker drops malware abusing a Win trusted system utility that can perform hidden admin elevation, you won't be aware this has taken place. This is why security experts recommend UAC be set to its highest level versus its default level. I assume the above will also eliminate the UAC alerts being generated by Eset. Edited March 22, 2020 by itman
itman 1,803 Posted March 22, 2020 Posted March 22, 2020 6 minutes ago, AGH1965 said: I always log on using a standard user account and I'm used to fill in the password of the adminstrator account when an UAC dialog appears. Are you saying that this isn't possible anymore? You are correct. This is how a standard user account works by default unless overridden by Group Policy.
pip25 0 Posted March 29, 2020 Posted March 29, 2020 It is regrettable that ESET removes product features with no prior notification and a generic "security reasons" justification. I use interactive mode for both my firewall and HIPS. I know this means getting a lot of prompts. But if I agreed to let an application do its thing, a second prompt for UAC seems completely superfluous. Not to mention that this change doubles the prompts I need to accept, which in turn makes me less vigilant about what I accept, and decreases the security of my machine instead of increasing it. Why was this change necessary? Did disabling the UAC prompt require part of the ESET suite to run with administrator rights all the time? At least some meaningful explanation for this loss of feature would be welcome.
ip82 0 Posted April 4, 2020 Posted April 4, 2020 Just upgraded and noticed this limitation of v13 as well. Why is this option removed instead of hiding it under advanced>not recommended> type hidden tab? Firefox and Chrome both offer these options and display warnings saying this may void your warranty. Regular users won't go in that deep and if you are a pro user, you know what you're doing. Removing choices is never good, hope ESET restores this option.
Recommended Posts