ESET Server Security for Windows Server (formerly File Security for Microsoft Windows Server) 4.0, 8.0, 5.0, 1.0 and earlier from the respective version family.0 and earlier from the respective version family ESET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows.ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Security Ultimate 16.2.15.0 and earlier. As far as is known, this vulnerability has not yet been exploited in the wild. The file operation handling vulnerability, which is performed by the real-time file system protection on the Windows operating system, allows an attacker capable of executing low privileged code on the target system to potentially delete arbitrary files as NT AUTHORITY\SYSTEM and thereby escalate their privileges. The vulnerability CVE-2024-035 allows an attacker to abuse the file operations performed by ESET's real-time file system protection to delete files without proper authorization. ESET has been informed by the Zero Day Initiative (ZDI) about a vulnerability that leads to local privilege escalation. Disclosure of the vulnerabilityĮSET has published on Februthe document ESET Customer Advisory: Link Following Local Privilege Escalation Vulnerability in ESET products for Windows fixed as a warning. ESET Endpoint solutions for Windows in version 11 are not affected by the vulnerability. The relevant updates are listed in the linked article. The update fixes a vulnerability that will not be disclosed in an advisory until February 14, 2024. ESET has released an important product update for its Windows product line ESET Endpoint Antivirus/Security. I had reported on the updates, on February 8, 2024, in the article Important ESET product updates available (Feb.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |