Webshaun 0 Posted August 12 Share Posted August 12 I just got an alert from Microsoft's security platform that there's a security issue with ESET Endpoint. "Fix unquoted service path for Windows services" on path C:\Program Files\ESET\ESET Security\efwd.exe. In the registry in paths Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\efwd Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\efwd Name: ImagePath Value: C:\Program Files\ESET\ESET Security\efwd.exe This should have quotes. Value should be "C:\Program Files\ESET\ESET Security\efwd.exe" You can manually add quotes to protect yourself immediately. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,844 Posted August 12 Administrators Share Posted August 12 Please post a screenshot of the alert for clarification. I'll report your finding to developers, however, it's not a security issue since the said service does nothing. What matters is that it's registered in the registry. Quote Link to comment Share on other sites More sharing options...
Webshaun 0 Posted August 12 Author Share Posted August 12 Attached. According to Microsoft the potential risk is "An attacker can exploit this misconfiguration in order to perform path interception to gain escalation of privileges and persistency on the machine." Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.