ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security and ESET Smart Security Premium from version 10.0.337.1 to 15.0.18.0.The list of products affected by this vulnerability is quite long and includes: While ESET said it was only made aware of this bug on November 18, a disclosure schedule available in the ZDI advisory reveals that the vulnerability was reported four months earlier, on June 18, 2021. However, the ZDI advisory says that attackers should only "gain the ability to execute low-privilege code on the target system", which is consistent with ESET's CVSS severity rating and also shows that threat actors with few privileges can exploit the bug. ) using Windows Antimalware Scanning Interface (AMSI).ĪMSI was first introduced with Windows 10 Technical Preview in 2015 and allows applications and services to request memory buffer scans from any major antivirus product installed on the system.Īccording to ESET, this can only be achieved after attackers obtain SeImpersonatePrivilege rights, typically assigned to users in the device's local administrators group and local service account to impersonate a client after authentication, which should "limit the impact of this vulnerability". The flaw ( CVE-2021-37852) was reported by Michael DePlante of Trend Micro's Zero Day Initiative, and allows attackers to increase privileges to NT AUTHORITY\SYSTEM account rights (the highest level of privileges on a Windows system). Retrieved from Bleeping Computer.Slovak Internet security company ESET has released security fixes to address a high severity local privilege escalation vulnerability affecting multiple products on systems running Windows 10 and later or Windows Server 2016 and later. Retrieved from ESET.ĮSET security advisory (2nd February 2022). The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary.ĮSET security advisory (31st January 2022). 4ĮSET Server Security for Microsoft Windows Server 3.0 and 3.1, ESET File Security for Microsoft Windows Server from version 4.0 to 6.0ĮSET Server Security for Microsoft Azure from version 6.1002 to 4.1000ĮSET Security for Microsoft SharePoint Server from version 8.0 to 4.0ĮSET Mail Security for IBM Domino from version 8.0 to 4.0ĮSET Mail Security for Microsoft Exchange Server from version 9 to 6.0įor more information on this update, you can follow this URL:
Affected products are:ĮSET NOD32 Antivirus, ESET Internet Security, ESET Smart Security and ESET Smart Security Premium from version 10.0.337.1 to 15.0.18.0ĮSET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows from version. It is recommended that you take the necessary precautions by ensuring your products are always updated. ESET has published a security advisory to address vulnerabilities in multiple products on the 31st of January 2022.
0 kommentar(er)
