查看: 3516|回复: 10
收起左侧

[分享] 请EMSISOFT用户尽快更新版本并重启系统。

[复制链接]
GreatMOLA
发表于 2023-9-8 08:38:24 | 显示全部楼层 |阅读模式
消息来自官网Newsroom。https://www.emsisoft.com/en/blog ... f=news230907_all_en

Please update AND reboot!
We urge all our customers to make sure automatic updates are enabled in Emsisoft Anti-Malware, Emsisoft Business Security and Emsisoft Enterprise Security and reboot their computers before September 22nd, 2023.

Not doing so will likely result in a software malfunction that will require re-installation of the software to fix.

We apologize for any inconvenience this causes.

What happened?
Protection software like ours is digitally signed with a certificate that warrants the files are authentic, published by us, and in a non-manipulated state. Microsoft sets a high bar specifically for the antivirus industry and requires not just regular code signing certificates, but also Extended Validation (EV) code signing certificates that are protected by a FIPS 140-2 Level 2-compliant cryptographic device to ensure certificates cannot be stolen and misused.

Code signing certificates must be renewed every 12 months, with an extensive validation process by the certificate authority that issues the certificates. In our case, GlobalSign. Validation includes proof of address of the company, business register validation and more.

On August 23rd, we renewed our EV code signing certificate as usual. Verification went fine and we received a new certificate. All program files compiled by us after that date made use of the new certificate, including the 2023.9 release published on September 4th.

Yesterday, GlobalSign reached out to us letting us know that they made a mistake with our certificate: namely, they entered our business number incorrectly. This means they must revoke the certificate on September 8th and re-issue a new one with the correct business number.

We have received a new, corrected certificate today and immediately re-signed all files that were previously signed by the to-be-revoked certificate. The new files are available through the online update of our products and we expect that the vast majority of our customers will automatically receive the new version before the old certificate gets revoked.

However, to complicate matters further, we published a new driver component for the new rollback feature in version 2023.9. That driver file requires a reboot to install a new version of the file, and this is why we need you to not just update the software but also reboot your device before the revocation deadline.

When a certificate authority revokes a certificate, all software files that have been signed with it will produce a security warning, and drivers may not load at all. This essentially breaks the protection, including the ability to run online updates. If that happens, only a re-installation of the software will resolve the issue.

We apologize for the inconvenience this may cause, but reiterate that it was completely outside of our control. Unfortunately, there is nothing we can do to prevent situations like this from happening, and GlobalSign has rejected multiple requests to extend the deadline for revocation. It goes without saying that we are far from happy with the way GlobalSign has handled this issue.

一句话总结:证书颁发机构在颁发新证书时错误地输入了企业编号,导致证书必须吊销,请在问题证书被吊销前及时更新以替换使用问题证书的文件。本次更新需要重新启动系统,因为在上一次更新中所安装的新驱动程序也使用了问题证书,更新替换它们需要重新启动。

hhhq316
头像被屏蔽
发表于 2023-9-8 09:15:44 | 显示全部楼层
本帖最后由 hhhq316 于 2023-9-8 09:17 编辑

有问题的回滚模块需要重启才行,应该只影响到企业版吧?是不是个人版可忽略
GreatMOLA
 楼主| 发表于 2023-9-8 09:57:33 | 显示全部楼层
hhhq316 发表于 2023-9-8 09:15
有问题的回滚模块需要重启才行,应该只影响到企业版吧?是不是个人版可忽略

官方说是全系产品都需要。
hhhq316
头像被屏蔽
发表于 2023-9-8 10:00:28 | 显示全部楼层
GreatMOLA 发表于 2023-9-8 09:57
官方说是全系产品都需要。

好吧,刚重启完
IamAngry
发表于 2023-9-8 10:08:09 | 显示全部楼层
这么大个证书机构竟然会签错证书
cunchaoli
发表于 2023-9-8 10:13:50 | 显示全部楼层
这么大个企业竟然会犯这样的错误
wudimeisuowei
发表于 2023-9-8 10:18:11 | 显示全部楼层
本帖最后由 wudimeisuowei 于 2023-9-8 11:07 编辑

这个不错。。。。
ytysh
发表于 2023-9-8 11:47:00 | 显示全部楼层
一个公司走下坡路的一些信号
aikafans
发表于 2023-9-8 12:13:40 | 显示全部楼层
骚操作真是一波接着一波
流风细雨
发表于 2023-9-8 13:58:09 | 显示全部楼层
机翻:
-----------------------------
发生了什么事?
像我们这样的保护软件使用证书进行数字签名,该证书保证文件是真实的,由我们发布,并且处于非操纵状态。Microsoft专门为防病毒行业设定了高标准,不仅需要常规代码签名证书,还需要受符合 FIPS 140-2 级别 2 的加密设备保护的扩展验证 (EV) 代码签名证书,以确保证书不会被窃取和滥用。

代码签名证书必须每 12 个月续订一次,并由颁发证书的证书颁发机构进行广泛的验证过程。在我们的例子中,全球标志。验证包括公司地址证明、商业登记验证等。

23 月 2023 日,我们像往常一样更新了 EV 代码签名证书。验证顺利,我们收到了新证书。在该日期之后编译的所有程序文件都使用了新证书,包括 9 月 4 日发布的 <>.<> 版本。

昨天,GlobalSign 与我们联系,告诉我们他们对我们的证书有误:即他们输入了错误的我们的公司编号。这意味着他们必须在 8 月 <> 日吊销证书,并使用正确的公司编号重新颁发新证书。

我们今天收到了一个新的更正证书,并立即对以前由要吊销的证书签名的所有文件进行了重新签名。新文件可通过我们产品的在线更新获得,我们希望绝大多数客户将在旧证书被吊销之前自动收到新版本。

但是,为了使事情进一步复杂化,我们在版本 2023.9 中为新的回滚功能发布了新的驱动程序组件。该驱动程序文件需要重新启动才能安装该文件的新版本,这就是为什么我们不仅需要您更新软件,还需要在吊销截止日期之前重新启动设备。

当证书颁发机构吊销证书时,使用该证书颁发机构签名的所有软件文件都将生成安全警告,并且驱动程序可能根本无法加载。这基本上破坏了保护,包括运行在线更新的能力。如果发生这种情况,只有重新安装软件才能解决问题。

对于由此可能造成的不便,我们深表歉意,但重申这完全超出了我们的控制范围。不幸的是,我们无能为力来防止这种情况发生,GlobalSign 拒绝了多次延长撤销截止日期的请求。不言而喻,我们对GlobalSign处理这个问题的方式远不满意。

请放心,我们将继续努力,以尽量减少此问题对客户的影响。

如果您有任何疑问,请随时联系我们的客户支持团队。


---------------------------------------

还能犯这种错误
你犯错,我背锅  EMSI好冤
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-11-22 03:33 , Processed in 0.119338 second(s), 16 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表