Installing other variants of the MSSQL package could install the vulnerable Log4j 2.ĮSET NOD32 Antivirus/Internet Security/Smart Security Premium for WindowsĮSET Endpoint Antivirus/Endpoint Security for WindowsĮSET Server Security for Microsoft Windows Server (former ESET File Security for Microsoft Windows Server)ĮSET Security for Microsoft SharePoint ServerĮSET Mail Security for IBM Domino (former ESET Mail Security for IBM Lotus Domino)ĮSET Server Security for Linux (former ESET File Security for Linux)ĮSET Virtualization Security for VMware NSXĮSET Mail/File/Gateway Security for Linux/BSD v4. Consumer products: ESET Internet Security, ESET Smart Security and ESET Smart Security Premium version 6.0 and later.Business products: ESET Endpoint Antivirus, ESET Endpoint Security and all ESET Server Security products version 7.0 and later.If you are using an earlier version of ESET security product, we recommend that you upgrade your ESET product to the latest version. The following ESET products are able to detect and block a potential attack on your system or network. ICS Terminology,'5 September, online, Accessed 6 September 2014, Tofino Security. ESET has been blocking attempted attacks from 14:24 CET the same day. Solution List of ESET products that can protect your system or networkĪs of December 11th, 2021, the Network Attack Protection feature in ESET security products on Windows was updated to detect exploits of the vulnerability. ESET Enterprise Inspector (EEI) users: Add detection rules in EEI to detect Log4j 2.ESET Secure Authentication (ESA) users: Upgrade to ESA version 3.0.40 or later or manually update your Elasticsearch instance.Mitigation steps: Follow the instructions in the WeLiveSecurity article Log4Shell vulnerability: What we know so far.At present we are not aware of any data exfiltration. This vulnerability may allow an attacker to remotely execute code.įor more information about the vulnerability, read our WeLiveSecurity article.ĮSET engineering teams are working around the clock to identify, patch and protect any potentially vulnerable systems. On December 10th, 2021, ESET began researching a vulnerability in the Log4j 2 utility ( CVE-2021-44228).
0 kommentar(er)
