Possible Security Issue found in 3.0.657/667 (possibly others too)

Discussion in 'ESET NOD32 Antivirus' started by EvilDave UK, Jun 18, 2008.

Thread Status:
Not open for further replies.
  1. EvilDave UK

    EvilDave UK Registered Member

    Joined:
    Dec 20, 2005
    Posts:
    275
    Location:
    United Kingdom
    I've just tried to manually uninstall EAV 3.0.657 from a workstation as the einstaller service wouldn't start. The installation has a password set - I'm prompted to enter it when I try to go into the ESET Options Menu.

    However, EAV doesn't prompt me for a password if I try to uninstall it. I go into Add/Remove Programs and click Remove. There's not even a confirmation to ask "are you sure"... it just starts removing it... and after a few seconds, it's gone. No email to the "Warnings" email address as specified in ERA Config Editor, nothing.

    The only thing that tells me something's up is when I log into ERA and it says that PC hasn't updated in a while.

    I've never tried to uninstall EAV/ESS 3.0 before, but this was a feature of 2.7.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Right, it's against msi standards to prompt the user during uninstallation. However, we've made a sort of patch so that password is required to uninstall the program, this will be incorportaed in the next major release. Unlike msi used in v3, v2 had been employing our own installer so there was no problem with that.
     
  3. mkuntic

    mkuntic Registered Member

    Joined:
    Mar 6, 2008
    Posts:
    54
    Hopefully you'll implement an algorithm to discern whether the software is being uninstalled manually or via GPO, and NOT enforce password entry in case of the latter.
     
  4. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
    My 2 cents worth -- I liked your installer better than the MSI installer. The Nod32 installer was very quick and worked in safe mode. Granted, MSI doesn't require a reboot and I can see how people pushing with GPO's or SMS would enjoy an MSI.
     
Thread Status:
Not open for further replies.