ESET Customer Advisory 2026-0005
March 23, 2026
Severity: Medium
Summary
ESET has taken action to resolve an issue with the epfwwfp driver through the release of an automatic product update to multiple ESET security solutions. These updates will be distributed to all affected applications, regardless of auto-update settings, as per the terms set in the EULA.
Details
A high-severity issue in the epfwwfp driver, utilized for network traffic scanning, has been identified during the investigation of support tickets reported by several customers.
The issue may manifest when an affected ESET security application is upgraded using a full installer, for instance, the .msi type (used, for example, in the Software Install tasks via ESET PROTECT). This could prevent the ESET service from stopping gracefully and in a timely manner, causing the upgrade to fail, leaving the system unprotected. As this is not acceptable, ESET decided to release a mandatory Auto-update to ensure continual protection of our customers and their systems.
Please note that the released hotfix versions will contain only this one fix (compared to the latest released version) to minimize potential issues.
Solution
ESET will release fixed applications listed below as mandatory Security and Stability hotfixes.
It is important not to run the update from an installer file (for example, via ESET PROTECT's Software Install Task or "Update ESET applications"). In this case, the product would run into the issue described above. Wait for the auto-update to be applied automatically and then restart the computer when prompted.
The following updates will be applied to all affected products, regardless of auto-update settings:
ESET Endpoint Antivirus and ESET Endpoint Security for Windows 12.1.2076.1 (released on March 24, 2026)
The following updates will be applied to the affected products with auto-updates enabled:
ESET Server Security for Microsoft Windows Server 12.1.12012.1 (released on April 9, 2026)
ESET Mail Security for Microsoft Exchange Server 12.1.10010.1 (released on April 9, 2026)
ESET Security for Microsoft SharePoint Server 12.1.15006.1 (released on April 9, 2026)
Please note that the updates for ESET Server Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server and ESET Security for Microsoft SharePoint Server will be released as auto-updates only - the installers will be available in the repository at a later date.
Additionally, on April 9, the updates will be available only upon manually selecting the "Check for updates" option, as well as automatically for those customers that have their auto-update timing set to "Immediate auto-updates" in the policy. Automatic distribution to the affected products with "Gradual update rollout" timing selected in their policy will start on April 14 and will continue throughout the following week.
Feedback & Support
If you have feedback or questions about this issue, contact us using the ESET Security Forum, or via local ESET Technical Support.
Version log
Version 1.4 (April 2, 2026): Added information about the release of server products
Version 1.3 (March 25, 2026): Clarified installer‑related notes in the Details and Solution sections
Version 1.2 (March 24, 2026): Added an explicit prompt not to run an installer file
Version 1.1 (March 23, 2026): Clarified the wording of the Summary section
Version 1.0 (March 23, 2026): Initial version of this document
Add a comment
Please log in or register to submit a comment.