ESET Certificate Situation Overview

INTRODUCTION

On February 8, 2020, our Antivirus service provider, ESET, has identified a critical bug on all the ESET Endpoint Security clients. This issue has affected all ships using the Dualog Antivirus Distribution. The actual bug is related to one of their certificates being expired. The impact is that the endpoint protection on all PCs running the ESET Endpoint Security may have been compromised.

In cooperation with ESET, we have produced a patch in order to address the issue in every possible ESET scenario. This patch must always be run with elevated administrator rights on all affected PCs.

The version of Dualog Connection Suite running on each ship will define what procedure needs to be followed on the affected clients. Below is a comprehensive overview of the possible scenarios.

If ESET is already malfunctioning, running this patch will replace the service with a working version. No system restart should be required. If you have an affected version of ESET that is still working as intended, applying the patch will replace the service with an updated one, which will prevent the issue from occurring.

PATCHES TO RESTORE SECURITY

Connection Suite 2.36 and lower

ESET Certification Patch

Connection Suite 2.38 and above

ESET Certification Patch

 

Disclaimer: once this is done, the protection and updates will be restored. However, the version of ESET has reached EOL and needs to be upgraded 

UPGRADE TO THE SUPPORTED ESET VERSION

Connection Suite 2.36 and lower

Dualog Server

Other Clients Onboard

Connection Suite 2.38 and above

Dualog Server

Other Clients Onboard

 

SHORE AV REPORTS

It is possible to query the Dualog shore portal to monitor the current Antivirus version and the status of the client upgrades.

  1. Login to https://dualog.net/ with an administrator account with access to AV reports for individual vessels
  2. Click on Reports > Anti-Virus
  3. Select the appropriate vessel and check if the affected machines are getting updated after the certificate patch (Do allow a minimum of 6 hours after applying the patch)
  4. If the machines are getting updated, it will mean that the patch has been successfully applied
  5. If the machines are not updating, please contact Dualog support
Export article
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.