Today we have released a Hotfix for ESET Enterprise Inspector v1.5 to address a few issues that were still present in the originally released version. For customers who are not experiencing any of the issues described below it is not necessary to update immediately, however due to the update of a few Rules within EEI, I would recommend to use this latest Hotfix version whenever possible due to the increase in security that it brings. Please find the full changelog below.

Changelog

• Fixed: issues with exclusions
• Fixed: issues with purge
• Fixed: issues related to search
• Due to the bug some rules were rewritten during the installation. It has been fixed and now following new rules will appear in the ruleset:
  - "Process communicating over potentially Suspicious Protocol - detected VNC communication"
  - "Process communicating over Suspicious Protocol - SMTP communication, unpopular process"
  - "File with extension used by Win32/Filecoder.Crysis has been written"
• Update of the rule "Suspicious PowerShell script - Screen/Keystroke/Window Capture"

Known Issues

• When upgrading to v1.5 from previous versions the installer doesn't remove an obsolete rule. However, the obsolete rule 'Network communication through port typical for TOR [B0503]' can be deleted manually.

Release notes

• Please use the .msi installer to upgrade the EEI server

Installation packages

• Build 1.5.1492 available on our official download page