ESET has published a security advisory to address vulnerabilities in multiple products on the 31st of January 2022. It is recommended that you take the necessary precautions by ensuring your products are always updated. Affected products are:
ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security and ESET Smart Security Premium from version 10.0.337.1 to 15.0.18.0
ESET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows from version 6.6.2046.0 to 9.0.2032.4
ESET Server Security for Microsoft Windows Server 8.0.12003.0 and 8.0.12003.1, ESET File Security for Microsoft Windows Server from version 7.0.12014.0 to 7.3.12006.0
ESET Server Security for Microsoft Azure from version 7.0.12016.1002 to 7.2.12004.1000
ESET Security for Microsoft SharePoint Server from version 7.0.15008.0 to 8.0.15004.0
ESET Mail Security for IBM Domino from version 7.0.14008.0 to 8.0.14004.0
ESET Mail Security for Microsoft Exchange Server from version 7.0.10019 to 8.0.10016.0
For more information on this update, you can follow this URL:
The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary.
PDF Download: ESET Security Advisory.pdf
References
ESET security advisory (31st January 2022). Retrieved from ESET.
https://support.eset.com/en/ca8223-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows
ESET security advisory (2nd February 2022). Retrieved from Bleeping Computer.
https://www.bleepingcomputer.com/news/microsoft/eset-antivirus-bug-let-attackers-gain-windows-system-privileges/