Jump to content
  • ESET releases crucial product updates that fix security vulnerabilities for Windows AMSI


    Karlston

    • 794 views
    • 2 minutes
     Share


    • 794 views
    • 2 minutes

    ESET has released a bunch of product updates across the stack which fix a local privilege escalation (LPE) vulnerability that affected its products. The problem stemmed in the Windows Antimalware Scan Interface (AMSI) scanning feature, and the exploitation of it by threat actors could lead to LPE.

     

    The firm says:

     

    [...] an attacker who is able to get SeImpersonatePrivilege can misuse the AMSI scanning feature to elevate to NT AUTHORITY\SYSTEM in some cases.

     

    ESET was made aware of the flaw by Trend Micro's Zero Day Initiative (ZDI) and the vulnerability has been assigned the ID CVE-2021-37852.

     

    The following builds of the respective ESET products have the problem patched and ESET has encouraged users to update to these product versions:

     

    • ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security and ESET Smart Security 15.0.19.0 (released on December 8, 2021)

    • ESET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows 9.0.2032.6 and 9.0.2032.7 (released on December 16, 2021)

    • ESET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows 8.0.2028.3, 8.0.2028.4, 8.0.2039.3, 8.0.2039.4, 8.0.2044.3, 8.0.2044.4, 8.1.2031.3, 8.1.2031.4, 8.1.2037.9 and 8.1.2037.10 (released on January 25, 2022)

    • ESET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows 7.3.2055.0 and 7.3.2055.1 (released on January 31, 2022)

    • ESET Server Security for Microsoft Windows Server 8.0.12010.0 (released on December 16, 2021)

    • ESET File Security for Microsoft Windows Server 7.3.12008.0 (released on January 12, 2022)

    • ESET Security for Microsoft SharePoint Server 8.0.15006.0 (released on December 16, 2021)

    • ESET Security for Microsoft SharePoint Server 7.3.15002.0 (released on January 12, 2022)

    • ESET Mail Security for IBM Domino 8.0.14006.0 (released on December 16, 2021)

    • ESET Mail Security for IBM Domino 7.3.14003.0 (released on January 26, 2021)

    • ESET Mail Security for Microsoft Exchange Server 8.0.10018.0 (released on December 16, 2021)

    • ESET Mail Security for Microsoft Exchange Server 7.3.10014.0 (released on January 26, 2022)

      Users of ESET Server Security for Microsoft Azure are advised to upgrade ESET File Security for Microsoft Azure to the latest version of ESET Server Security for Microsoft Windows Server.

     

    You can find more information on ESET's support page here.

     

     

    ESET releases crucial product updates that fix security vulnerabilities for Windows AMSI

    • Like 2

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...