stereo_grabb 0 Posted May 31 Share Posted May 31 Hi, wondering if ESET Endpoint is able to detect this latest zero-day? Quote Link to comment Share on other sites More sharing options...
itman 1,398 Posted May 31 Share Posted May 31 Yes. Eset had a signature for it yesterday: https://forum.eset.com/topic/32410-liveguard-not-blocking-script-downloads/?do=findComment&comment=151624 Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,243 Posted May 31 Administrators Share Posted May 31 Win32/Exploit.CVE-2022-30190 trojan Camilo Diaz 1 Quote Link to comment Share on other sites More sharing options...
Camilo Diaz 2 Posted May 31 Share Posted May 31 (edited) Hi Marcos, what's the signature ID / Engine version? Edited May 31 by Camilo Diaz Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,243 Posted June 1 Administrators Share Posted June 1 9 hours ago, Camilo Diaz said: Hi Marcos, what's the signature ID / Engine version? Added in engine 25352, via streamed (pico) updates on May 30, 15:30 CEST. Camilo Diaz and Peter Randziak 2 Quote Link to comment Share on other sites More sharing options...
j-fly 0 Posted June 2 Share Posted June 2 Hey ESET Admin, Thanks for all you do! Because the detection engine 25352 does address this vulnerability, do you still recommend MS registry change workaround? Just checking because we did receive the ESET engine update and we do have vulnerable products. Much obliged! Quote Link to comment Share on other sites More sharing options...
EugeneK 0 Posted June 2 Share Posted June 2 Could ESET detect if there is a remote access due to this hack? What to do in case the file was downloaded, scanned with ESET before May 30th, then deleted from PC via Right Click delete button (Preview Panel was disabled in Windows Explorer). What would be the first thing to look at to detect if PC is compromised? What are the good tools to search and detect malicious child processes? Quote Link to comment Share on other sites More sharing options...
Camilo Diaz 2 Posted June 2 Share Posted June 2 9 hours ago, j-fly said: Hey ESET Admin, Thanks for all you do! Because the detection engine 25352 does address this vulnerability, do you still recommend MS registry change workaround? Just checking because we did receive the ESET engine update and we do have vulnerable products. Much obliged! You should definitely apply the work around... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.