Jump to content

EES 11.0.2032.0 issue with Outlook web add-ins


mrac

Recommended Posts

Hello.

We have enabled "Pre-release" updates option, so received updates to ESET Endpoint Security 11.0.2032.0.

After update, users with Outlook 2016\2019 started to complain on broken Exchange web add-ins, like Zoom meetings add-in, Proofpoint Phishing etc. They have spinning wheel in Outlook several times, then error.

I found in Windows logs, that ESET crashing Internet Explorer engine in this time:

Faulting application name: IEXPLORE.EXE, version: 11.0.19041.3636, time stamp: 0x30ba2aea
Faulting module name: eOppBrowser.dll, version: 1.0.101.0, time stamp: 0x65553a90
Exception code: 0xc0000005
Fault offset: 0x00019535
Faulting process id: 0x3740
Faulting application start time: 0x01da212174ba851d
Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Faulting module path: C:\Program Files\ESET\ESET Security\x86\eOppBrowser.dll
Report Id: df70b315-966c-44fc-9ebe-6509032f04fd

Question is: what module is "eOppBrowser.dll" ? How I can disable it in policy until it will be fixed?

Issue disappears if ESET is removed or downgraded to 10.1

 

Link to comment
Share on other sites

No, we don't use IE combability mode.

According to this document: https://learn.microsoft.com/en-us/office/dev/add-ins/concepts/browsers-used-by-office-web-add-ins

volume-licensed Office 2016\2019 can use only Trident (IE) engine for all add-ins. Office 2021\365 use modern Edge Webview2 engine.

I have Office365 with modern engine in Outlook, so no issues with Exchange web add-ins.

Users with Outlook 2016\2019 has broken add-ins, because they are using IE engine.

Link to comment
Share on other sites

Not to hijack, but we're running v11.0.2032.0 and currently trying to track down an issue with Edge in IE Mode (to run a legacy web application), when one particular page loads the tab crashes and the Internet Explorer process gets chopped. 

The only way around it at the moment is to uninstall ESET, which is not a desired fix. 

Is there anything in the ESET policies that can be turned on/off to overcome the issue?

Many thanks!

Link to comment
Share on other sites

9 minutes ago, Marcos said:

A problem with the IE compatibility mode will be addressed in the Secure browser module 1334 soon.

Thanks Marcos, we'll downgrade to v10 on some selected PC's to get them up and running again.

Link to comment
Share on other sites

I made tests:

1. Windows 11 23h2 eng + all updates (build 22631.2715) + Office 2016 x64 RTM (no updates) + ESET ES 11.0.2032.0 - No issues with web add-ins.

2. The same as #1 + installed all updates to Office 2016, build 16.0.5422.1000 64-bit, add-ins started to crashing in Outlook.

3. The same as #2, but in ESET policy disabled option "Enable advanced scanning of browser scripts" - no more crashes. Users confirmed, that issue gone for them too.

Link to comment
Share on other sites

11 minutes ago, mrac said:

3. The same as #2, but in ESET policy disabled option "Enable advanced scanning of browser scripts" - no more crashes. Users confirmed, that issue gone for them too.

Spot on mrac, thanks for that, that's saved having to reinstall version 10.  Will wait for the secure browser module to be updated before I turn it back on. 

Link to comment
Share on other sites

  • Administrators

Issues with IE compatibility mode in Edge should be resolved with the Browser protection module 1334 currently available on the pre-release update channel. If the new module doesn't resolve your issues, please raise a support ticket for further troubleshooting and investigation.

Edited by Marcos
Link to comment
Share on other sites

On 11/27/2023 at 8:40 AM, Marcos said:

A problem with the IE compatibility mode will be addressed in the Secure browser module 1334 soon.

Marcos,

Do you have an estimated date of when this will be available to GA? We have a handful of customers spanning quite a few endpoints having the same issue. I created a policy to disable the module rather than downgrading the security product until I know that the updated version is released.

 

Link to comment
Share on other sites

  • ESET Insiders

Marcos,

Just wanted to chime in. I am having issues with this at work as well. I just enabled pre-release updates. Hope that this module is released to GA sooner vs later.

Is it ok to go back to public updates afterward? I would rather not leave the entire company on pre-release updates for very long.

Thanks!

Link to comment
Share on other sites

1 minute ago, Trooper said:

Marcos,

Just wanted to chime in. I am having issues with this at work as well. I just enabled pre-release updates. Hope that this module is released to GA sooner vs later.

Is it ok to go back to public updates afterward? I would rather not leave the entire company on pre-release updates for very long.

Thanks!

If you don't want to go on the pre-release channel, you could temporarily disable the "Enable advanced scanning of browser scripts" in a policy, and apply it only to the machines that need the fix.

Link to comment
Share on other sites

  • Administrators
7 minutes ago, StooIT said:

If you don't want to go on the pre-release channel, you could temporarily disable the "Enable advanced scanning of browser scripts" in a policy, and apply it only to the machines that need the fix.

This is more dangerous than receiving fully tested module updates among the first. With advanced scanning of browser scripts disabled, JavaScript malware on compromised websites may not be detected.

Link to comment
Share on other sites

  • ESET Insiders

Marcos,

That is exactly what I was just telling my colleague.  By having everyone in pre-release, I feel better than disabling advanced scanning.

Happy to report that the issue is resolved now with Browser protection module 1334.

I assume it is ok to go back to GA release correct?

Link to comment
Share on other sites

  • Administrators
Just now, Trooper said:

I assume it is ok to go back to GA release correct?

That's correct, however, we recommend at least some of the computers in each company's network to update from the pre-release channel so that you can detect and report possible issues before a module is distributed to all users and machines.

Link to comment
Share on other sites

  • ESET Insiders
1 hour ago, Marcos said:

That's correct, however, we recommend at least some of the computers in each company's network to update from the pre-release channel so that you can detect and report possible issues before a module is distributed to all users and machines.

Thanks Marcos.  Sounds like a good idea.  Is there an easy way to apply a separate policy to just a handful of machines?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...