[ALERT7396] Legacy products startup issue

Last Updated: Feb 14, 2020, 2:08 PM CET

Last changes:
  • New version of CertFix.exe - enhanced list of supported product versions (Feb 13, 2020, 1:57 AM CET)
  • Download links for ESET Endpoint Antivirus/ ESET Endpoint Security 5.0.2272.7 (Feb 13, 2020, 1:57 AM CET)
  • Antivirus and antispyware module update (version 1559.4 for v5) (Feb 13, 2020, 2:00 PM CET)
  • How to download and use the fixing tool (Feb 13, 2020, 3:30 PM CET)
  • New version of CertFix.exe - enhanced list of supported product versions (Feb 13, 2020, 8:30 PM CET)
  • The fixing tool for v5 (Feb 13, 2020, 8:30 PM CET)
  • The solution section has been split into three separate articles (Feb 14, 2020, 2:08 PM CET)

Alert Details

We would like to inform you that we have identified an issue in older versions of the product of our Windows business products, specifically:

ESET Endpoint Antivirus/ESET Endpoint Security 5
Version
5.0.2248.0
5.0.2254.0
5.0.2254.1
5.0.2254.1000
5.0.2260.0
5.0.2260.1
5.0.2265.0
5.0.2265.1
ESET Endpoint Antivirus/ESET Endpoint Security 6.5.2000+
Version
6.5.2086.0
6.5.2086.1
6.5.2093.1
6.5.2094.0
6.5.2094.1
6.5.2107.0
6.5.2107.1
6.5.2118.0
6.5.2118.1
6.5.2118.2
6.5.2118.3
6.5.2118.4
6.5.2123.5
6.5.2123.7
6.5.2123.8
6.5.2132.1
6.5.2132.2
ESET File Security for Windows 6.5.12000+
Version
6.5.12002.1
6.5.12002.0
6.5.12004.0
6.5.12007.0
6.5.12010.0
6.5.12013.0
6.5.12014.0
6.5.12017.0
6.5.12018.0
ESET Mail Security for Microsoft Exchange Server 6.5
Version
6.5.10057
6.5.10059

⯈ ESET Security for Kerio 6.5
⯈ ESET Mail Security for Lotus Domino 6.5.14026
⯈ ESET Security for Sharepoint Server 6.5
⯈ ESET NOD32 Antivirus/ESET Smart Security 9

This issue DOES NOT affect the latest versions of our products including the latest ESET Endpoint Antivirus/ESET Endpoint Security – 6.6.2089 and 7.2 and ESET File Security for Windows 7.1.12018 and customers using the latest versions are not affected in any way. This issue relevant to the impacted versions listed and described above. Newest versions of our products are NOT affected.

ESET has identified that our kernel has a problem with verification of the timestamp of an already expired certificate (expired by 7th Feb 2020). This method fails and our modules in older, legacy versions, are declared as untrusted and therefore are not loaded. This mechanism ensures that no untrusted library is loaded.

As a result, the affected versions fail to load modules (Firewall, HIPS, Updated, Device Control, Web and Email protection) and are not functional, therefore the protection is not functional.

 

Symptoms

For versions older than 5.0.2271.x symptoms are:

  • Failed loading of modules for v5 family
  • GUI of the main window is in English and logo shows ESET Smart Security 5 instead of Endpoint Security

For versions 6.5.x symptoms are:

  • Product reports "Anti-Phishing protection is non-functional"
  • Product reports that it is not activated
  • Product’s advanced settings have features missing

If they are managed by our ESET Remote Administrator or ESET Security Management Center, they will fall back to the respective parametric group and report an alert as not being activated and the antiphishing module as not functional.

 

Solution

Important!

If you are using affected versions and issue is not manifesting, do not restart the machine and perform upgrade immediately.

Frequently Asked Questions

Please read the following ESET Knowledgebase article:
Legacy products startup issue FAQ

If you have installed ESET Endpoint product 5.x on your computer, see our instructions.

If you have installed ESET Endpoint product 6.5 on your computer, see our instructions.

If you have installed ESET Security product for Windows Servers 6.5 on your computer, see our instructions.