On November 18, 2021, ESET became aware of a potential local privilege escalation vulnerability in its Windows products. According to the report, submitted by the Zero Day Initiative (ZDI), an attacker who is able to, SeImpersonate Privilege to obtain, misuse the AMSI scan function to, in some cases, gain the rights of NT AUTHORITY\SYSTEM to acquire.
ESET has already fixed the problem, however, it was recently reported in the press that ESET products were affected by a serious security vulnerability (CVE-2021-37852) (ESET antivirus bug let attackers gain Windows SYSTEM privileges, 02.02.22).
As soon as the security vulnerability became known, we had already patched 84 of all systems (%) for you. The remaining systems were offline devices or servers.
ESET's fundamental recommendation is to use the latest product versions, such as... in this article As described. As a Master MSP, we will support you in this wherever possible. We cannot perform server upgrades for you for the following reasons:
- Processed system updates should be completed.
- No restart should be required before the product upgrade.
- A restart should be performed after the upgrade.
The update status of your devices is displayed in ESET PROTECT The dashboard is displayed graphically. Automatic updates for the server products can also be set up here. Therefore, manual activation is not always necessary.
I still have questions…
No problem at all. We've summarized here how you can get a solution from us as quickly as possible: How does our support work?
You can also easily book an appointment with our technical team. Please include your ticket number or the reason for the appointment in the comments.