[KB6927] Known issues for latest versions of ESET business products

Issue

ESET PROTECT
ESET PROTECT Cloud
ESET Endpoint Security and ESET Endpoint Antivirus for Windows
ESET Endpoint Antivirus for Linux
ESET Mail Security for Microsoft Exchange Server
ESET Business Account
ESET MSP Administrator 2
ESET Inspect and ESET Inspect Cloud
ESET Secure Authentication
ESET Endpoint Encryption
ESET Endpoint Security for Android
ESET Endpoint Security and ESET Endpoint Antivirus for macOS
ESET Server Security for Linux
ESET Gateway Security for Linux
ESET Direct Endpoint Management plugin for ConnectWise Automate
ESET Direct Endpoint Management plugin for N-able N-central
ESET Direct Endpoint Management plugin for NinjaOne
ESET Direct Endpoint Management plugin for DattoRMM

Solution

ESET PROTECT

Generating .pdf reports do not work for ESET PROTECT Server installed on CentOS 8 – To fix this issue, you can buy and install a third-party QtWebKit4 package.
Computer names written in Hebrew are unreadable after a report is exported. To fix this issue, Windows server users can enable language support. On the Windows server, navigate to Control Panel → Clock, Language, and Region → Region → Administrative → Change system locale, and select the check box next to Use Unicode UTF-8 for worldwide language support. Linux users must install additional Left to Right direction (LTR) compatible fonts.
macOS 13 device reported as encrypted with third-party software even if it is not encrypted (and no ESET Full Disk Encryption options are offered). Workaround: Use a Software Install task (with an ESET Full Disk Encryption license) to install ESET Full Disk Encryption.
When configuring the password-protected settings in an installer with ESET Endpoint Antivirus/Security version 9.0 or 9.1 for Windows, the settings may not be applied correctly. We recommend configuring password-protected settings directly in the ESET PROTECT Web Console by creating a policy and assigning it to specific computer groups to ensure the settings are applied accurately and consistently.

ESET PROTECT Cloud

Some Windows 7 computers with legacy BIOS may be incorrectly identified as eligible for ESET Full Disk Encryption deployment by ESET PROTECT Cloud.
macOS 13 device reported as encrypted with third-party software even if it is not encrypted (and no EFDE encryption options are offered).
- Workaround: Use a Software Install task (with an ESET Full Disk Encryption license) to install ESET Full Disk Encryption.
When configuring the password-protected settings in an installer with ESET Endpoint Antivirus/Security version 9.0 or 9.1 for Windows, the settings may not be applied correctly. We recommend configuring password-protected settings directly in the ESET PROTECT Cloud Web Console by creating a policy and assigning it to specific computer groups to ensure the settings are applied accurately and consistently.

ESET Endpoint Security and ESET Endpoint Antivirus for Windows

HIPS component reports incorrect status after enabling before restart.
In some cases, sending configuration to ESET Security Management Center takes up to 30 minutes (7.3 and later).
During a push install to client computers on the network, you may see the error message "Remote Registry Opening (ESET Security Product Info) Result Code: 5 (Access is denied.)". This signifies a permissions conflict.

Check the permissions of a specific user

Experienced users only

The steps below involve working with important system files in the Windows Registry. Proceed only if you are an experienced user.

Click the Start button, type regedit and click the Registry editor icon on the left-side menu or press the Enter key.
Right-click HKEY_LOCAL_MACHINE and select Permissions from the menu.
In the Permissions for HKEY_LOCAL_MACHINE window, click Advanced.
Verify that the button shows Disable inheritance and select the check box next to Replace all child object permissions entries with inheritable permissions entries from this object. Click OK.

Figure 1-1
Click OK to exit the Permissions window.

ESET Endpoint Antivirus for Linux

See the known Issues in ESET Endpoint Antivirus for Linux.

ESET Mail Security for Microsoft Exchange

During the ESET Mail Security for Microsoft Exchange Server installation on a system with Microsoft Exchange Server 2013 SP1 installed, or when updating your Microsoft Exchange Server 2013 with SP1 while already running ESET Mail Security for Microsoft Exchange Server, you may receive the error message "0xC00CE503: MSG_E_COMMENTSYNTAX Incorrect syntax was used in a comment". To resolve this issue, apply the Microsoft hotfix.

ESET Business Account

ESA user quantity might exceed the specified margin.
Activated EFSU and ESET Full Disk Encryption devices might not appear after activation with an Offline license file.
ESET Cloud Office Security reactivation might end with issues.
Multiple license removals might end in an unexpected error.
Duplicated activated devices might appear when a license is migrated from ESET License Administrator to ESET Business Account.
The number of activated devices displayed on the dashboard might not synchronize with product usage.
Downgrading a license to a Home product might not apply to an ESET Business Account.
You can deactivate licenses with only up to 200 seats.

ESET MSP Administrator 2

See the known Issues in ESET MSP Administrator.

ESET Inspect and ESET Inspect Cloud

See the known Issues in ESET Inspect.
See the known Issues in ESET Inspect Cloud.

ESET Secure Authentication

No known issues

ESET Endpoint Encryption

Logins using the Network Login authentication type are not migrated in an upgrade from a previous version.
Uploading an EEE for a macOS client package into an EEE server in non-multi-tenant mode will fail. You can verify the version number on the login screen. For example, 3.3.0.321 MT indicates the server is in multi-tenant mode. 3.3.0.321 indicates it is in non-multi-tenant mode and will experience failure.
When installing a Windows 10 Feature Update, the process fails with the message 0xC1900101 - 0x20017 The installation failed in the SAFE_OS phase with an error during BOOT operation.
When upgrading a Windows 10 system to the 1903 build, installing the update can cause the system to crash when booting.
Full Disk Encryption Login Screen Size – In earlier versions, the pre-boot FDE login window does not fill the screen fully. The login screen is initialized as an 80x25 character screen, and the graphics card will scale the screen automatically to fit the resolution. On some devices (for example, Microsoft Surface), the scaling of the login screen is controlled by the firmware or the display. Starting with v4.9.2, support has been added to improve the graphics for high-resolution screens and a zoom feature has been introduced.
Some DELL Latitude systems fail to boot after they have been Full Disk Encrypted.

DELL systems fail to boot after ESET Full Disk Encryption

The following DELL Latitude systems are known to be affected when Legacy BIOS is enabled and SATA Operation is set to either AHCI or RAID On:

E7250
E7350
E7450 (7000 Series Ultrabook)
E5250
E5350
E5450
E5550 (5000 Series Laptop)

Systems starting in UEFI mode are not known to be affected. Certain versions of the BIOS in these DELL Latitude systems are known to have a bug, which causes Full Disk Encryption to be unable to access the disk correctly during start. A black screen with a flashing cursor displays when starting your computer.

This can occur directly after the system is Full Disk Encrypted but can also occur at a later time after numerous successful restarts. This affects not only ESET Endpoint Encryption Full Disk Encryption but also many other manufacturers of software disk encryption.

A DELL-provided BIOS update might fix the issue.

Start the system to Windows to apply the BIOS update:

You may need to start the system to Windows to apply the BIOS update. We recommend installing Windows on a second disk to start from it and apply the BIOS update. After the BIOS is updated, return the original disk to the system.

If, after updating the BIOS, the system does not boot, the original BIOS may have blocked access to the system's Master Boot Record (MBR). You should restore the ESET Endpoint Encryption MBR using the Recovery Tool.

ESET Endpoint Security for Android

Due to changes in Stock Android by Google, ESET Endpoint Security for Android can no longer execute the relevant steps related to the Wipe command. To ensure at least some data security on Android 6 devices, this command behaves the same way as Enhanced factory reset. Among other things, for example, the process will end up with a restore to factory default settings.
Due to changes in Android 7, Google enables the user to deactivate an active device administrator and uninstall the application in a single action. Users can now uninstall EESA without entering the admin password.
If you have an active application on your device that has screen overlay permissions on your Android 6 (Marshmallow) device, you will be unable to grant permissions to any other application, including your ESET product. To enable permissions for your ESET product, you must disable screen overlay permissions for the application.

Permission settings for Android 6 (Marshmallow)

If you receive the message "Screen overlay detected" after granting permissions in your ESET mobile business product for Android, edit your permissions to resolve the issue.

ESET Endpoint Antivirus and ESET Endpoint Security for macOS

Version 7 (ESET Endpoint Antivirus for macOS)

Information to know before upgrading to ESET Endpoint Antivirus for macOS 7.
When upgrading from version 6 to version 7, it is required to restart the system after the upgrade is finished and before allowing Full Disk Access for the main application.

Unsupported product versions

This content applies to ESET product versions currently in Limited Support or End of Life status.

For a complete list of supported products and support level definitions, review the ESET End of Life Policy for business products.

Upgrade ESET business products.

Version 6

The Scheduler tool in ESET Endpoint Security for Mac and ESET Endpoint Antivirus for Mac running on macOS Big Sur (11) cannot run scheduled task for sandboxed applications. For example, all applications downloaded from the Apple store are sandboxed. You can find more information about Sandbox in the Apple documentation.
- The Scheduler can still create tasks for ESET applications and other non-sandbox applications.
A computer scan that is triggered from ERA and finds malware displays an action window on the endpoint computer that requires user interaction.
- Solution: Use Strict Cleaning when triggering scans from ERA.
Media Control settings are not migrated to Device Control during an upgrade from version 6 to 6.1 and later.
Mail protection cuts off an email when sending it with ISO-2022-JP encoding.
Upgrade to version 6 can only be done from ESET NOD32 Antivirus 4 Business Edition version 4.1.100 and later.
Folders used as a storage place for several OS X Server services must be excluded from scanning.
You cannot deactivate Endpoint License from ESET License Administrator.
The Scan on File action blocks communication between VMware Fusion from version 7 and vCenter on OS X from version 10.10.4.
- Solution: You must set exclusions and exclude the following folder:
  - On macOS 10.13 and earlier:
    /System/Library/Preferences/Logging/Subsystems
  - On macOS 10.14:
    /private/etc/*.*
    /Applications/VMware Fusion.app/Contents/*.*
    /Library/Preferences/Logging/*.*
Cleaning loginwindow.plist on macOS 10.13 only works if you upgrade with products that have the same application bundle name.
The firewall may fail in ESET Endpoint Security for Mac 6.10.900.0 on macOS Big Sur (11). We advise disabling all application-specific rules for the firewall in ESET PROTECT policies before you upgrade ESET Endpoint Security to 6.10.900.0 on BigSur. To partially compensate for these changes, we advise dividing your policies into two policies. The first policy will have the same firewall settings as your earlier policy but will only be applied to computers with macOS 10.15 and earlier. The second policy will be for computers with macOS Big Sur, where the application-specific rules will be removed.

Text is missing in firewall dialogues in your ESET product for Mac.
Products affected:
- ESET Cyber Security Pro 6.10.600.0 and later
- ESET Cyber Security 6.10.600.0 and later
- ESET Endpoint Security for Mac 6.10.900.0 and later
- ESET Endpoint Antivirus for Mac 6.10.900.0 and later
You can resolve this issue by rebooting your computer.

ESET Server Security for Linux

See the known Issues in ESET Server Security for Linux.

ESET Gateway Security for Linux

In certain configurations, you may experience problems with video streaming on your network. For example, your media player may not be able to fill its video buffer, causing lags or synchronization issues during your video conferences.

Optimize ESET Gateway Security to prevent video streaming issues

If you encounter these or similar symptoms, we recommend you add a scanning exception for the problematic streaming address to the http directory of the ESETS configuration directory. To exclude a streaming address from scanning, use the following instructions:

Append the streaming address you want to exclude from scanning to the whitelist_url file. To add an exception, replace the streaming address example in the following command with the address you want to exclude and run the command:
```
echo "streaming.address.com:80/*" >> /etc/esets/http/whitelist_url
```
To finalize adding/removing URL addresses, you must restart the ESETS daemon. Use the following command to execute an immediate restart:
```
/etc/init.d/esets_daemon restart
```

For more information, use the following command to read the esets_http man page:

man esets_http

Last Updated: May 31, 2023