[KB6927] Known issues for latest versions of ESET business products




  • Generating .pdf reports does not work for ESET PROTECT Server installed on CentOS 8 – To fix this issue, you can buy and install a third-party QtWebKit4 package.
  • Computer names written in Hebrew are unreadable after a report is exported. To fix this issue, Windows server users can enable language support. On the Windows server, navigate to Control PanelClock, Language, and RegionRegion Administrative Change system locale, and select the check box next to Use Unicode UTF-8 for worldwide language support. Linux users must install additional Left to Right direction (LTR) compatible fonts.
  • macOS 13 device reported as encrypted with third-party software even if it is not encrypted (and no EFDE encryption options are offered). Workaround: Use a Software Install task (with an EFDE license) to install EFDE.


  • Some Windows 7 computers with legacy BIOS may be incorrectly identified as eligible for EFDE deployment by ESET PROTECT Cloud.
  • ESET PROTECT Tour function is not working properly on the Safari browser:
    • Missing screenshots and incorrect text format.
    • Loading issues and users may receive an error
  • macOS 13 device reported as encrypted with third-party software even if it is not encrypted (and no EFDE encryption options are offered). Workaround: Use a Software Install task (with an EFDE license) to install EFDE.

ESET Security Management Center (ESMC)

  • The server task does not save credentials (password) when you edit or change a task.
  • When editing a notification with filters enabled, the filter configuration is not displayed, but the notifications continue to work.
  • If a computer name includes special characters in the hostname (emojis), it will not connect to ESMC Server.
  • If you add exclusions from policy and choose the option Exclude collected threats, exclusion by URI and Threat Name does not work (values are swapped and written into incorrect fields).
  • MDM Core cannot be installed on Windows Server 2008R2 SP1 x64 in offline mode.
  • Logs in LEEF format are missing computer name/computer FQDN/and time zone specification with event time.
  • After upgrading from version 6.x ESET Remote Administrator, tasks set with monthly triggers will stop working and cause the “Unexpected Error” message.
    • Solution: Click Continue, edit the task and recreate the trigger in ESMC.
  • Mobile Device Connector does not accept certificates from ERA 6.5 after the upgrade. A new certificate with the CA included needs to be generated in ESMC version 7 and updated via policy to connect clients to prevent the need for re-enrollment.
  • When manually upgrading ESET Mobile Device Connector, the upgrade may fail due to the previous installation of the Mobile Device Connector not being able to stop its service.
    • Solution: Set the Mobile Device Connector service Startup type to Manual, then restart the service from within Services and run the upgrade procedure again.
  • Users are unable to use Windows Phone for two-factor authentication if ESET Security Management Center is a part of the domain and the domain user is provisioned.
  • Certificates with validity ending after the year 2037 are not supported on Mac OS X. It is not possible to parse a date variable from the Certificate Authority on Mac OS X. The Agent cannot connect, because OS X cannot accept the Certificate Authority.
  • Mobile Device Connector (MDC) requires unique device identification to be able to process device enrollment correctly, as unique device identification is needed by internal structures of MDC. Some Android devices might have the same device identification, and those devices will fail to enroll in MDC.
  • Installing ERA Agent on macOS Sierra (10.12) requires root privileges.
  • MDM can stop working after a mobile device's static object is removed (for example, if a task or policy is removed from the device).
    • Solution: This is a database-related issue—contact ESET technical support to resolve it.
  • When performing an upgrade of previous versions of ESET Remote Administrator to ESMC V7, users may be unable to login to the Web Console for a longer time.
  • Using emojis or other 4-byte characters in certificates & object names will cause database errors and server crashes in some cases.
  • Proxy settings for replication are not applied from an agent policy using the All-in-one installer.
  • The Computer details view for a client incorrectly displays static group hierarchy and shows the device as a member of all parent dynamic groups. However, policies are still applied correctly. 
  • An On-demand scan launched from the ESMC console shuts down the computer even if this post-scan action was not selected.
  • Computer names written in Hebrew are unreadable after a report is exported. To fix this issue, Windows server users can enable language support. On the Windows server, navigate to Control PanelClock, Language, and RegionRegion Administrative Change system locale..., and select the check box next to Use Unicode UTF-8 for worldwide language support. Linux users must install additional Left to Right direction (LTR) compatible fonts.

ESET Endpoint Security and ESET Endpoint Antivirus for Windows (EES/EEA)

  • HIPS component reports incorrect status after enabling before restart. (This also applies to versions 7.1 and 7.2).
  • In some cases, sending configuration to ESMC takes up to 30 minutes (7.3 and later).
  • During a push install to client computers on the network, you may see the error message Remote Registry Opening (ESET Security Product Info) Result Code: 5 (Access is denied.). This signifies a permissions conflict.

Check the permissions of a specific user
Experienced users only

The steps below involve working with important system files in the Windows Registry. Proceed only if you are an experienced user.

  1. Click Start Run and then type regedit in the Open: text field and click OK. (In Microsoft Windows Vista, click Start and type regedit into the Start Search text field.)

  2. Right-click HKEY_LOCAL_MACHINE and select Permissions from the menu.

  3. In the Permissions for HKEY_LOCAL_MACHINE window, click Advanced.

  4. Make sure both check boxes at the bottom of the Advanced Security Settings for HKEY_LOCAL_MACHINE window are selected.

    Figure 1-1


  5. Click OK to confirm and OK again to exit the Permissions window.

ESET Endpoint Antivirus for Linux (EEAL)

ESET Mail Security for Microsoft Exchange (EMSX)

  • During the ESET Mail Security for Microsoft Exchange Server installation on a system with Microsoft Exchange Server 2013 SP1 installed, or when updating your Microsoft Exchange Server 2013 with SP1 while already running ESET Mail Security for Microsoft Exchange Server, you may receive the error message "0xC00CE503:   MSG_E_COMMENTSYNTAX   Incorrect syntax was used in a comment". To resolve this issue, apply the Microsoft hotfix.

ESET Business Account (EBA)

  • ESA user quantity might exceed the specified margin.
  • Activated EFSU and EFDE devices might not appear after activation with Offline license file.
  • ESET Cloud Office Security reactivation might end with issues.
  • Multiple license removals might end in an unexpected error.
  • Duplicated activated devices might appear when a license is migrated from ESET License Administrator to EBA.
  • The number of activated devices displayed on the dashboard might not synchronize with product usage.
  • Downgrading a license to a Home product might not apply in EBA.
  • You can deactivate licenses with only up to 200 seats.

ESET MSP Administrator (EMA 2)

ESET Inspect and ESET Inspect Cloud

ESET Secure Authentication (ESA)

  • No known issues

ESET Endpoint Encryption (EEE)

DELL systems fail to boot after Full Disk Encryption

The following DELL Latitude systems are known to be affected when Legacy BIOS is enabled, and SATA Operation is set to either AHCI or RAID On: 

  • E7250
  • E7350
  • E7450 (7000 Series Ultrabook)
  • E5250
  • E5350
  • E5450
  • E5550 (5000 Series Laptop)

Systems starting in UEFI mode are not known to be affected. Certain versions of the BIOS in these DELL Latitude systems are known to have a bug, which causes Full Disk Encryption to be unable to access the disk correctly during start. A black screen with a flashing cursor displays when starting your computer. This can occur directly after the system is Full Disk Encrypted, but can also occur at a later time after numerous successful restarts. This not only affects ESET Endpoint Encryption (EEE) Full Disk Encryption, but also many other manufacturers of software disk encryption.

DELL has provided a BIOS update that fixes the issue.

Start the system to Windows to apply the BIOS update:

You may need to start the system to Windows to apply the BIOS update. We recommend that you install Windows on a second disk to start from it and apply the BIOS update. After the BIOS is updated, return the original disk to the system. 

If after updating the BIOS the system does not boot, the original BIOS may have blocked access to the system's Master Boot Record (MBR). You should restore the ESET Endpoint Encryption MBR using the Recovery Tool.

ESET Endpoint Security for Android (EESA)

  • Due to changes in Stock Android by Google, EESA is not able to execute the relevant steps related to the Wipe command properly anymore. To ensure at least some data security on Android 6 devices, this command behaves the same way as Enhanced factory reset. Among other things, for example, the process will end up with a restore to factory default settings.
  • Due to changes in Android 7.0, Google enables the user to deactivate an active device administrator and uninstall the application in a single action. Users can now uninstall EESA without entering the admin password.
  • If you have an active application on your device that has screen overlay permissions on your Android 6 (Marshmallow) device, you will be unable to grant permissions to any other application including your ESET product. To enable permissions for your ESET product, you must disable screen overlay permissions for the application.
    Permission settings for Android 6 (Marshmallow)

    If you receive the message "Screen overlay detected" after granting permissions in your ESET mobile product for Android, edit your permissions to resolve the issue.

  • To access features that use SMS services in ESET Endpoint Security downloaded from Google Play, you need to install the ESET SMS Tool application. For more information, visit the ESET SMS tool documentation.

ESET Endpoint Antivirus (EEA) and ESET Endpoint Security (EES) for macOS

Version 7
Version 6
  • Scheduler tool in ESET Endpoint Security for Mac and ESET Endpoint Antivirus for Mac running on macOS Big Sur (11) cannot run scheduled task for sandboxed applications. For example, all applications downloaded from the Apple store are sandboxed. You can find more information about Sandbox in the Apple documentation.
    • Scheduler can still create tasks for ESET applications and other non-sandbox applications.
  • A computer scan that is triggered from ERA and finds malware displays an action window on the endpoint computer that requires user interaction.
    • Solution: Use Strict Cleaning when triggering scans from ERA.
  • Media Control settings are not migrated to Device Control during an upgrade from version 6 to 6.1 and later.
  • Mail protection cuts off an email when sending it with ISO-2022-JP encoding.
  • Upgrade to version 6 can only be done from ESET NOD32 Antivirus 4 Business Edition version 4.1.100 and later.
  • Folders used as a storage place for several OS X Server services must be excluded from scanning.
  • You cannot deactivate Endpoint License from ESET License Administrator.
  • The Scan on File action blocks communication between VMware Fusion from version 7 and vCenter on OS X from version 10.10.4.
    • Solution: You must set exclusions and exclude the following folder:
      • On macOS 10.13 and earlier :
      • On macOS 10.14:
        /Applications/VMware Fusion.app/Contents/*.*
  • Cleaning loginwindow.plist on macOS 10.13 only works if you upgrade with products that have the same application bundle name.
  • The firewall may fail in ESET Endpoint Security for Mac 6.10.900.0 on macOS Big Sur (11). We advise disabling all application-specific rules for firewall in ESET PROTECT policies before you upgrade ESET Endpoint Security to 6.10.900.0 on BigSur. To partially compensate for these changes, we advise dividing your policies into two policies. The first policy will have the same firewall settings as your earlier policy, but will only be applied to computers with macOS 10.15 and earlier. The second policy will be for computers with macOS Big Sur, where the application-specific rules will be removed.

  • Text is missing in firewall dialogues in your ESET product for Mac.
    Products affected:
    • ESET Cyber Security Pro 6.10.600.0 and later
    • ESET Cyber Security 6.10.600.0 and later
    • ESET Endpoint Security for Mac 6.10.900.0 and later
    • ESET Endpoint Antivirus for Mac 6.10.900.0 and later
    You can resolve this issue by rebooting your computer.

ESET Server Security for Linux (ESSL)

ESET Gateway Security for Linux

  • In certain configurations, you may experience problems with video streaming on your network. For example, your media player may not be able to fill its video buffer, causing lags or synchronization issues during your video conferences.

Optimize ESET Gateway Security to prevent video streaming issues

If you encounter these or similar symptoms, we recommend you add a scanning exception for the problematic streaming address to the http directory of the ESETS configuration directory. To exclude a streaming address from scanning, use the following instructions:

  1. Append the streaming address you want to exclude from scanning to the whitelist_url file. To add an exception, replace the streaming address example in the following command by the address you want to exclude and run the command:

    echo "streaming.address.com:80/*" >> /etc/esets/http/whitelist_url
  2. To finalize adding/removing URL addresses, you must restart the ESETS daemon. Use the following command to execute an immediate restart:

    /etc/init.d/esets_daemon restart

For more information, use the following command to read the esets_http man page:

man esets_http

ESET Direct Endpoint Management plugin for ConnectWise Automate

ESET Direct Endpoint Management plugin for N-able N-central

ESET Direct Endpoint Management plugin for NinjaOne

ESET Direct Endpoint Management plugin for DattoRMM

ESET Security for Kerio

ESET business product no longer supported

This content applies to an ESET product version that is currently in End of Life status and is no longer supported. This content is no longer updated. 

For a complete list of supported products and support level definitions, review the ESET End of Life policy for business products.

Upgrade ESET business products.

  • Protection not working for up to 30 minutes after upgrade to Kerio Connect 8.1.0 or newer: In a case when upgrading from Kerio Connect 8.0.2 (or earlier) to version 8.1.0 (which is a version that officially does not support external AV protection) the upgrade process of Kerio does not preserve ESK's registration (dll and configuration) which renders EKS protection not to work and Kerio Connect is not protected even though the protection status is still Green. This is only for a period of time until ESK checks for its registration. This check is performed every 30 minutes. If ESK finds that the registration is not correct, it automatically registers itself, restarts Kerio Connect and resumes protection. This makes the protection to work properly again. Hence the Kerio Connect may not be protected for a maximum of 30 minutes after the upgrade.

    You can register ESK to Kerio Connect manually after the upgrade. This will turn the protection on immediately.

    1. Press the F5 key to open Setup.
    2. Expand Server ProtectionKerio Connect.
    3. Uncheck Register to Kerio Connect server and press OK button, protection status will change to Red.
    4. Repeat steps a. and b., check Register to Kerio Connect server and press OK button, this registers ESK to Kerio and turns the protecion on and status changes to Green.
  • File server protection displayed when using Kerio Control: On a system with Kerio Control, ESET Security for Kerio displays File server protection in its main program window in the Setup section. This is expected behavior, and when enabled, it means the Kerio Control is being protected by ESET Security for Kerio.