The background guard of Eset virus scanners contains a vulnerability that allows malicious actors to delete files with system privileges.

The real-time scanner of Eset antivirus solutions contains a security vulnerability. The manufacturer warned at the end of last week that attackers could delete arbitrary files with elevated rights.

In the according Security Advisory, Eset explains that real-time file system protection on Windows operating systems allows attackers with the rights to execute low-privileged code to delete arbitrary files as NT AUTHORITY\SYSTEM on vulnerable systems, escalating the attackers' privileges (CVE-2024- 0353, CVSS 7.8, risk high). According to current knowledge, the vulnerability has not yet been abused in the wild, the company continues.

Eset updates are available

Various products from the manufacturer are affected. These include end-user virus protection in all versions, endpoint protection for corporate networks, server security software, mail virus scanners for Exchange and IBM Domino, protection for Sharepoint servers and for Microsoft's Azure.

Eset provides administrators with the following updated software versions:

• Eset NOD32 Antivirus, Eset Internet Security, Eset Smart Security Premium, Eset Security Ultimate 17.0.10.0 and newer

• Eset Endpoint Antivirus for Windows and Eset Endpoint Security for Windows 11.0.2032.0, 10.1.2063.0, 10.0.2052.0, 9.1.2071.0, 8.1.2062.0 and newer from the respective development branch

• Eset Server Security for Windows Server (formerly File Security for Microsoft Windows Server) 10.0.12015.0, 9.0.12019.0, 8.0.12016.0, 7.3.12013.0 and newer from the respective development branch

• Eset Mail Security for Microsoft Exchange Server 10.1.10014.0, 10.0.10018.0, 9.0.10012.0, 8.0.10024.0, 7.3.10018.0 and newer from the respective development branch

• Eset Mail Security for IBM Domino 10.0.14007.0, 9.0.14008.0, 8.0.14014.0, 7.3.14006.0 and newer from the respective development branch

• Eset Security for Microsoft SharePoint Server 10.0.15005.0, 9.0.15006.0, 8.0.15012.0, 7.3.15006.0 and newer from the respective development branch

• Eset File Security for Microsoft Azure: Customers should upgrade to the latest version of Eset Server Security for Microsoft Windows Server

The company's virus protection that has reached end-of-life does not appear in the list. In an Eset support document, IT managers can check whether their version is still supported.

Eset recommends downloading the updated versions from the download page for home products or the download page for business products. IT managers should carry out the update immediately or plan it for the near future.