Possible Security Issue found in 3.0.657/667 (possibly others too)

Discussion in 'ESET NOD32 Antivirus' started by EvilDave UK, Jun 18, 2008.

Thread Status:
Not open for further replies.
  1. EvilDave UK

    EvilDave UK Registered Member

    Dec 20, 2005
    United Kingdom
    I've just tried to manually uninstall EAV 3.0.657 from a workstation as the einstaller service wouldn't start. The installation has a password set - I'm prompted to enter it when I try to go into the ESET Options Menu.

    However, EAV doesn't prompt me for a password if I try to uninstall it. I go into Add/Remove Programs and click Remove. There's not even a confirmation to ask "are you sure"... it just starts removing it... and after a few seconds, it's gone. No email to the "Warnings" email address as specified in ERA Config Editor, nothing.

    The only thing that tells me something's up is when I log into ERA and it says that PC hasn't updated in a while.

    I've never tried to uninstall EAV/ESS 3.0 before, but this was a feature of 2.7.
  2. Marcos

    Marcos Eset Staff Account

    Nov 22, 2002
    Right, it's against msi standards to prompt the user during uninstallation. However, we've made a sort of patch so that password is required to uninstall the program, this will be incorportaed in the next major release. Unlike msi used in v3, v2 had been employing our own installer so there was no problem with that.
  3. mkuntic

    mkuntic Registered Member

    Mar 6, 2008
    Hopefully you'll implement an algorithm to discern whether the software is being uninstalled manually or via GPO, and NOT enforce password entry in case of the latter.
  4. edwin3333

    edwin3333 Registered Member

    Aug 29, 2007
    My 2 cents worth -- I liked your installer better than the MSI installer. The Nod32 installer was very quick and worked in safe mode. Granted, MSI doesn't require a reboot and I can see how people pushing with GPO's or SMS would enjoy an MSI.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.