InfoSecBulletin Cybersecurity for mankind
ESET Issued security patch for privilege escalation flaw in its Windows security products. This flaw, called CVE-2024-2003 (CVSS 7.3), was found by the Zero Day Initiative (ZDI). It could have let attackers gain access to important files and folders without permission.
The vulnerability exploited ESET’s file operations while restoring quarantined files. Attackers could manipulate this process to create or overwrite any files, potentially granting them administrative control over the system. This privilege escalation is a significant security risk, as it enables malicious actors to circumvent safeguards and unleash chaos on a compromised machine.
AMD Patches CPU Vulnerability
Hackers To Use HTTP Client Tools To Compromise Microsoft 365 Accounts
Google patches 47 Android flaws, Including Actively Exploited CVE-2024-53104
CVE-2025-21415
Microsoft Patches Critical Azure AI Face Service Vulnerability
Daily Security Update Dated:4.02.2025
768 Exploited CVEs in 2024, a 20% Increase from 639 in 2023
.Gov Domains Weaponized in Phishing Surge
RedSentry presents
Hacked 101 Seminar Successfully Ended at UITS
US scientists claim to replicate DeepSeek for $30 dubbed “TinyZero,”
ChatGPT, DeepSeek, Qwen 2.5-VL Vulnerable to AI Jailbreaks
Proactive Response from ESET
ESET quickly addressed the problem by releasing a fix in the Antivirus and antispyware scanner module 1610. The fix was automatically distributed to customers through regular updates from April 2024. This proactive response protected most users from the flaw before anyone could exploit it.
Who Was Affected?
The vulnerability affected a wide range of ESET products for Windows, including:
ESET NOD32 Antivirus
ESET Internet Security
ESET Smart Security Premium
ESET Security Ultimate
ESET Endpoint Security for Windows
ESET Server Security for Windows Server
ESET Mail Security for Microsoft Exchange Server
ESET Mail Security for IBM Domino
…and several other ESET business and enterprise solutions.
What Do Users Need to Do?
ESET customers who keep their products updated are already safe and don’t need to do anything else. New installations should use the latest installers from ESET’s website or repository.
