stereo_grabb 0 Posted May 31, 2022 Share Posted May 31, 2022 Hi, wondering if ESET Endpoint is able to detect this latest zero-day? Link to comment Share on other sites More sharing options...
itman 1,497 Posted May 31, 2022 Share Posted May 31, 2022 Yes. Eset had a signature for it yesterday: https://forum.eset.com/topic/32410-liveguard-not-blocking-script-downloads/?do=findComment&comment=151624 Link to comment Share on other sites More sharing options...
Administrators Marcos 4,551 Posted May 31, 2022 Administrators Share Posted May 31, 2022 Win32/Exploit.CVE-2022-30190 trojan Camilo Diaz 1 Link to comment Share on other sites More sharing options...
Camilo Diaz 2 Posted May 31, 2022 Share Posted May 31, 2022 (edited) Hi Marcos, what's the signature ID / Engine version? Edited May 31, 2022 by Camilo Diaz Link to comment Share on other sites More sharing options...
Administrators Marcos 4,551 Posted June 1, 2022 Administrators Share Posted June 1, 2022 9 hours ago, Camilo Diaz said: Hi Marcos, what's the signature ID / Engine version? Added in engine 25352, via streamed (pico) updates on May 30, 15:30 CEST. Peter Randziak and Camilo Diaz 2 Link to comment Share on other sites More sharing options...
j-fly 0 Posted June 2, 2022 Share Posted June 2, 2022 Hey ESET Admin, Thanks for all you do! Because the detection engine 25352 does address this vulnerability, do you still recommend MS registry change workaround? Just checking because we did receive the ESET engine update and we do have vulnerable products. Much obliged! Link to comment Share on other sites More sharing options...
EugeneK 0 Posted June 2, 2022 Share Posted June 2, 2022 Could ESET detect if there is a remote access due to this hack? What to do in case the file was downloaded, scanned with ESET before May 30th, then deleted from PC via Right Click delete button (Preview Panel was disabled in Windows Explorer). What would be the first thing to look at to detect if PC is compromised? What are the good tools to search and detect malicious child processes? Link to comment Share on other sites More sharing options...
Camilo Diaz 2 Posted June 2, 2022 Share Posted June 2, 2022 9 hours ago, j-fly said: Hey ESET Admin, Thanks for all you do! Because the detection engine 25352 does address this vulnerability, do you still recommend MS registry change workaround? Just checking because we did receive the ESET engine update and we do have vulnerable products. Much obliged! You should definitely apply the work around... Link to comment Share on other sites More sharing options...
Recommended Posts