High-severity ESET flaw addressed

Patches have been issued by ESET for a high-severity flaw impacting its antivirus, server, and endpoint offerings for Windows, as well as its security products for Exchange Server, Azure, SharePoint Server, and IBM Domino, which could be leveraged to facilitate privilege escalation and arbitrary file deletion, reports SecurityWeek. Such a security issue, tracked as CVE-2024-0353, was observed by Trend Micro Zero Day Initiative researchers within ESET Windows offerings' real-time file system protection feature. "The vulnerability potentially allowed an attacker to misuse ESET's file operations, as performed by the real-time file system protection, to delete files without having proper permission," said ESET. Organizations using the vulnerable ESET instances have been urged to immediately apply the released fixes to avert the potentially severe impact of exploitation, which has not yet been observed in the wild. Moreover, ESET also called on organizations leveraging File Security for Azure to transition to Server Security for Windows Server.