ESET Customer Advisory 2020-0004
February 27, 2020
ESET has identified an issue with digital signature validity verification. The issue occurs in some legacy product versions when the certificate chain contains a certificate that has already expired. In that case, an affected product does not trust its plugins and refuses to load them, which makes the product non-functional.
A software flaw in several old versions of ESET security products caused properly signed binaries to be treated as untrusted. As a result, loading of the signed plugins failed and the product's features, including malware protection, could not start. Specifically, the digital signature verification mistakenly evaluated the current system time instead of the timestamp set during the binary signing process. Full details can be found in this knowledgebase video: https://www.youtube.com/watch?v=oHibrFGvxfc
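The difference between the two checks described above, as an added example that is not ESET's code: one function evaluates the chain against the current system time, the other against the signing timestamp. The certificate names, dates and function names are constructed for illustration, and signing_time is assumed to come from an already verified timestamp countersignature.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import List, Optional

UTC = timezone.utc

@dataclass
class Cert:
    subject: str
    not_before: datetime
    not_after: datetime

@dataclass
class SignedBinary:
    name: str
    chain: List[Cert]                  # leaf first, root last
    signing_time: Optional[datetime]   # verified timestamp, None if absent

def chain_valid_at(chain: List[Cert], when: datetime) -> bool:
    """Every certificate must be inside its validity window at `when`."""
    return all(c.not_before <= when <= c.not_after for c in chain)

def verify_flawed(binary: SignedBinary, now: datetime) -> bool:
    # Behaviour described in the advisory: validity is evaluated against the
    # current system time, so an expired certificate rejects a good binary.
    return chain_valid_at(binary.chain, now)

def verify_at_signing_time(binary: SignedBinary, now: datetime) -> bool:
    # Evaluate validity at the moment of signing. Without a timestamp there is
    # no proof of when the signature was made, so fall back to `now`.
    when = binary.signing_time
    if when is None:
        return chain_valid_at(binary.chain, now)
    if when > now:                     # a timestamp from the future is not credible
        return False
    return chain_valid_at(binary.chain, when)

# Constructed sample data (not ESET's real certificates or dates).
ROOT = Cert("Example Root CA", datetime(2010, 1, 1, tzinfo=UTC), datetime(2030, 1, 1, tzinfo=UTC))
LEAF = Cert("Example Code Signing", datetime(2016, 1, 1, tzinfo=UTC), datetime(2019, 1, 1, tzinfo=UTC))
PLUGIN = SignedBinary("plugin.dll", [LEAF, ROOT], datetime(2017, 6, 1, tzinfo=UTC))
UNSTAMPED = SignedBinary("unstamped.dll", [LEAF, ROOT], None)
NOW = datetime(2020, 2, 1, tzinfo=UTC)   # after the leaf certificate expired

if __name__ == "__main__":
    for b in (PLUGIN, UNSTAMPED):
        print(b.name, verify_flawed(b, NOW), verify_at_signing_time(b, NOW))
```

The unstamped binary is rejected by both checks once the leaf certificate expires, which is why a trusted timestamp is what lets a signature outlive its certificate.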
For versions older than 5.0.2271.x the symptoms are:
For versions 6.5.x the symptoms are:
This issue DOES NOT affect the latest versions of ESET’s products, including the latest ESET Endpoint Antivirus/ESET Endpoint Security 6.6.2089 and 7.2 and ESET File Security for Windows 7.1.12008, and customers using the latest versions are not affected in any way.
ESET sincerely apologizes for any inconvenience caused by this issue. We have dedicated our full effort to provide affected customers with various automated and manual means of fixing the issue within a matter of days, despite the products already being out of scope for regular support. Our support teams remain ready to assist any customers in remedying the issue.
If you have installed ESET Endpoint product 5.x on your computer, follow https://support.eset.com/kb7442
If you have installed ESET Endpoint product 6.5 on your computer, follow https://support.eset.com/kb7443
If you have installed ESET Security product for Windows Servers 6.5 on your computer, follow https://support.eset.com/kb7444
The ultimate solution to the incident is to upgrade to the latest supported version of the product on your OS.
| ESET Endpoint Antivirus/ESET Endpoint Security 5 | ESET Endpoint Antivirus/ESET Endpoint Security 6.5 | ESET File Security for Windows 6.5 | ESET Mail Security for MS Exchange Server 6 |
All affected products were already in the “Basic Support” or “Limited Support” categories of ESET’s End of Life Policy as per https://support.eset.com/en/kb3592-is-my-eset-product-supported-eset-end-of-life-policy-business-products
Version 1.0 (February 26, 2020): Initial version of this document