Jump to content

Eset EES 10.0.2034.0 upgrade and destroyed FW rules by unlabeled ones (IDS_CONFENG_GENERAL_UNTITLED_LABEL)


zhladik

Recommended Posts

On several customers Win 10 installations I found some FW rules after upgrade 9.1.20560.0 to 10.0.2034.0 replaced by Strict Disable Rules without label (on cfg XML export labeled as IDS_CONFENG_GENERAL_UNTITLED_LABEL) Those rules disables all incoming TCP/UDP.

It seems that upgrade replaced some  rules not labeled as learned. New rules by wide disable settings also shields all rules  in lower order in rules table. I was not yet  verified this by reproducing on clean Windows

I believe that reproducinf scenario is:

- W10 with 9.x (in PCs it was probably from V8.x upgraded also).

- Switch Fw to Interactive mode

- Start some app which forces ESET Dialog for rule creation

- upgrade to V10.x

- check if rule was changed to Disable all incoming TCP/UDP

 

May be it destroys only rules for exe binaries which are uninstalled, or served by other rules?. Lot of similar rules untouched, some replaced.But main disaster is made by shielding  subsequent rules. May be there is some inconsistency inherited from older EES versions (Generally errors alerts about rules table problems is very long time persisitng BUG 😕 ).

I will fill tickets ASAP, but before I will try to reproduce it on clean system. 

So for other users hit by this BUG - remove unlabeled FW rules, or if it is possible - better solution:  clean Rules table and switch to learning mode. (cleaning of rules table is little (almost hidden) grey 180deg turn arrow icon (in V10 I see it is more contrast one used - great!)

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...