Real-time file system protection is non-functional on Server 2016 / ESET Server Security 9.0.12013.0

[Trooper 65]

I am having this same issue on one of my old servers.  It is running Windows Server 2008R2.  I would love to update to the newest version of ESET but cannot since it will not upgrade on this server OS.  Any other workarounds?

[slarkins 5]

Same here...but i am running Server Security 8.0.12013...on Windows Server 2019...reboot server this morning and have 6 differtn things showing as non functional...tried to upgrade to 8.0.12015 but it said it failed/not successful. I see that an updated HIPS module (in prerelease currently) fixes the problem? Any idea when the updated hips module will be in production channel? Once the Hips module is updated, will this fix 100% or is something else(like upgrading to v9 or 10) required?

[slarkins 5]

So some of my servers (v8 flavors) are on hips 1467.2.....the 2 windows 2019 servers with 8.0.12013 are still at 1466 HIPS....it is not possible to set the system clock back as it is part of a domain...for some reason these 2 servers didnt update hips modules...i actaully have a win 2012 server running 7.3.12005 and it is running the 1467.3 hips module...so i know the current hips modude is installing on some servers...dont know why the 2 2019/8.0.12013 are stuck at 1466....

 

I am running various versions of 7 and 8 Server Security on various versions of Win Server...I am working on getting the V7 updated to V8...it sounds like some of the older "sub versions" dont work any more....for V8, 9 and 10, what is the minimum full version that overcomes all the SHA256 and cert expiration? I am not one to install latest and greatest version until the bugs have been worked out...but i want to install a good stable version( lately seems to be messing up terminal server, freeze and hang and not responsive) that will be supported for a while. This continuous breaking and updating Eset AV versions is getting dangerous(not know if a server will work properly after upgrade) and tiresome

Edited December 20, 2023 by slarkins

[slarkins 5]

Marcos...can you chime in here with best approach with minimal server restarts? This thread is kind of all over the place with regards to actual fix...and no mention of v8...

running Server Security 8.0.12013...on Windows Server 2019...upgrading to 8.0.12015 failed....what are the proper steps to fix this? If i switch to pre-release and get Hips 1467.3...what will that allow me to do? Upgrade existing without failure? I really do not want to go to V10 yet...i would rather stay in V8 but if V9 is only path...then i will do V9...i wasnt sure if any version of V8 overcame the cert issues

[Marcos 5,085]

Later today the affected server products v8 and v9 will automatically receive HIPS module 1467.3 that contains a workaround and will enable all ESET drivers to load after Entrust cert. expiration on Dec 7.

Afterwards please make sure to upgrade to the latest support major version that you have tested (v8/v9/v10) with EOL in mind: https://support-eol.eset.com/en/policy_business/product_tables.html

[slarkins 5]

Will all 6 items that failed to start(showing in Protect console) automatically start working after the HIps module update later today?

 

As long as i install the latest revision for V8,V9 or V10, i will be good with regards to the expired cert?

 

Are any version of V7 affected? I still have a few of those left i need to upgrade...a couple are on servers i need to install the windows update with regards to azure code signing

[Marcos 5,085]

A workaround has just been deployed on the update servers. Older versions of EFSW v8 and v9 should download the latest HIPS module 1467.3. Afterwards you will get an error, however, after a reboot all should be well with all modules loaded and the protection status being green.

Please upgrade EFSW to the latest version major version 8/9 or v10 as soon as possible depending on which you have tested and can deploy.

As far as I know, only EFSW 7.3 is in limited support and it should not be affected.

[FTL 2]

I have an Exchange 2019 to patch this morning, while im rebooting it i may as well update ESMX

Its currently got the Dec 2023 CU on it (Server 2019)

Running v10.0.10016 ESMX

Am i ok to try an upgrade this to the latest v10.1.10014 or is this Azure thing going to bite me?

Thanks

[Marcos 5,085]

It should be possible to add ACS support by installing https://support.microsoft.com/en-au/topic/september-21-2021-kb5005625-os-build-17763-2210-preview-5ae2f63d-a9ce-49dd-a5e6-e05b90dc1cd8 on Windows Server 2019.

[mikeewa 0]

On 12/21/2023 at 4:03 PM, Marcos said:

A workaround has just been deployed on the update servers. Older versions of EFSW v8 and v9 should download the latest HIPS module 1467.3. Afterwards you will get an error, however, after a reboot all should be well with all modules loaded and the protection status being green.

Please upgrade EFSW to the latest version major version 8/9 or v10 as soon as possible depending on which you have tested and can deploy.

As far as I know, only EFSW 7.3 is in limited support and it should not be affected.

I have one server that still hasn't received the updated hips module. Shouldn't all servers received the update by now?

[Marcos 5,085]

11 minutes ago, mikeewa said:

I have one server that still hasn't received the updated hips module. Shouldn't all servers received the update by now?

What version of ESET File Security is installed? Only the affected versions were supposed to receive the said HIPS module.

[mikeewa 0]

11 minutes ago, Marcos said:

What version of ESET File Security is installed? Only the affected versions were supposed to receive the said HIPS module.

9.0.12012.0

It was affected by the hips module

[Marcos 5,085]

12 hours ago, mikeewa said:

9.0.12012.0

It was affected by the hips module

It works now for this version too. Although you'll get an error after an update, rebooting the server will resolve it.

[Glitch 3]

On 12/11/2023 at 1:55 PM, Marcos said:

Many of our users have probably already updated to the latest v9. It is crucial to keep the product updated, in this case at least to the latest version v9 if not to v10. We had been notifying about the expiring Entrust certificate and the need to upgrade the product and the OS to an ACS-compatible version throughout this year.

Please advise HOW we have been notified we have a 1000 servers with this issue at the moment, we are getting sick and tired of ESET and their certification errors time and time again.  Is there a hot fix that we can use from 9.0.12017.0 to 9.0.12019.0 ???