Important ESET product updates available (Feb. 8, 2024)

Sicherheit (Pexels, allgemeine Nutzung)[German]Short information for administrators who use ESET Endpoint Antivirus/Security under Windows. The manufacturer has released an important product update for its Windows product line, which should be installed immediately. The update fixes a vulnerability that will not be disclosed in an advisory until February 14, 2024.

Thanks to the blog reader who sent me the warning. According to my information, the vulnerability is included or fixed in the following supported products and versions:

  • ESET Endpoint Antivirus/Security for Windows (10.1, 10.0, 9.1, 8.1)
    • secured as of version 10.1.2063.0
    • secured as of version 10.0.2052.0
    • secured as of version 9.1.2071.0
    • secured as of version 8.1.2062.0
  • ESET Server Security for Microsoft Windows Server (10.0, 9.0, 8.0, 7.3)
    • secured as of version 10.0.12015.2
    • secured as of version 9.0.12019.0
    • secured as of version 8.0.12016.0
    • secured as of version 7.3.12013.0
  • ESET Security for Microsoft SharePoint Server (10.0, 9.0, 8.0, 7.3)
    • secured as of version 10.0.15005.1
    • secured as of version 9.0.15006.0
    • secured as of version 8.0.15012.0
    • secured as of version 7.3.15006.0
  • ESET Mail Security for Microsoft Exchange Server (10.0, 9.0, 8.0, 7.3)
    • secured as of version 10.0.10018.1
    • secured as of version 9.0.10012.0
    • secured as of version 8.0.10024.0
    • secured as of version 7.3.10018.0
  • ESET Mail Security for IBM Domino (10.0, 9.0, 8.0, 7.3)
    • secured as of version 10.0.14007.1
    • secured as of version 9.0.14008.0
    • secured as of version 8.0.14014.0
    • secured as of version 7.3.14006.0

ESET Endpoint solutions for Windows version 11 are not affected by the vulnerability. Due to technical requirements, the updates are only available for ESET program versions running on Windows operating systems with Azure Code Signing support, according to the statement. The manufacturer requests that the affected ESET solutions be updated promptly and that IT service providers inform their own customers accordingly.

Addendum: See Local Privilege Escalation vulnerability CVE-2024-035 in ESET products fixed for further details.

This entry was posted in Security, Software, Windows and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *