Compliance
https://www.emsisoft.com/en/help/category/frequently-asked-questions/compliance/

How does the General Data Protection Regulation affect my company?
https://www.emsisoft.com/en/help/1907/how-does-the-the-general-data-protection-regulation-affect-my-company/
Mon, 14 May 2018 00:18:35 +0000

The post How does the General Data Protection Regulation affect my company? appeared first on Emsisoft Help.
How does this affect my company?

Any company that stores or processes Personal Data of EU residents will be responsible for complying with the new regulations, whether or not the company is based in the EU.

What PII / Personal Data does Emsisoft store?

Emsisoft stores various pieces of user information that would be considered as Personal Data, including, but not limited to:

  • Full name. Note: You may choose a random pseudonym/nickname at any time.

  • Email address

  • Password. Note: We only store an individually salted hash of your password that doesn’t allow us or anyone else to restore or see it.

  • Postal address. Note: Only if you require your full address on invoices, i.e. business orders.

  • IP address.

  • Machine-ID hash. Note: A unique hash of a combination of several hardware component serials, used to assign and protect licenses. Serials can’t be restored from the hash.

  • License key.

  • Location on country level. Note: Based on publicly available information about your IP. 

We explicitly do not store any credit card information, as online orders are processed by our trusted e-commerce partners.

For a more detailed list of the types of data we collect, store, and use, please review our updated Privacy Policy and Terms of Service.

Will I be GDPR compliant when using Emsisoft as my anti-virus and anti-malware software?

Emsisoft is fully compliant with GDPR regulations. This means that you are compliant when you use Emsisoft as the anti-virus and anti-malware security program in your own GDPR compliance program. Please review our Privacy Policy to learn more.

Does Emsisoft send my data to any third parties?

Yes. Emsisoft uses third-party applications to host customer data, provide other infrastructure, and perform other service functions. We have updated our Privacy Policy with details of all our third-party suppliers for your review. You can choose to permit or restrict Third Party Services for your Workspace. Typically, Third Party Services are software that integrates with our Services, and you can permit your Authorized Users to enable and disable these integrations for your Workspace.

Does any of my company data leave the EU?

Yes. Emsisoft uses third-party applications to host customer data, provide other infrastructure, and perform other service functions. Some of these third-party services are hosted outside of the EU. All of our third-party service providers are hosted in countries which obey strict and lawful standards of security.

We’re not an EU-based company, nor do we serve EU Citizens. Will you treat our data differently?

No. We provide all our customers the same level of data security regardless of location and nationality.

Should this affect my decision to choose Emsisoft?

There is no need to worry about GDPR compliance with Emsisoft. Emsisoft’s Terms of Service, along with our Privacy Policy, will cover GDPR requirements when you use us for antivirus and anti-malware protection as part of your security program.

How does the General Data Protection Regulation affect home users?
https://www.emsisoft.com/en/help/1910/how-does-the-the-general-data-protection-regulation-affect-home-users/
Mon, 14 May 2018 00:17:42 +0000
How does this affect me?

The EU GDPR has introduced new rules to increase Personal Data control for EU Citizens, including the right to request personal records (Right to Access) and to request personal record deletion (Right to be Forgotten). New security requirements were also introduced with the goal of increasing data security accountability of businesses handling the Personal Data of EU Citizens.

Does Emsisoft store my Personally Identifiable Information (PII) or Personal Data?

Yes. Personal Data is any information relating to an identifiable person who can be directly or indirectly identified, in particular by reference to an identifier. Emsisoft stores various pieces of user information that could be considered as Personal Data.

What PII / Personal Data does Emsisoft store?

Emsisoft stores various pieces of user information that would be considered as Personal Data, including, but not limited to:

  • Full name. Note: You may choose a random pseudonym/nickname at any time.

  • Email address

  • Password. Note: We only store an individually salted hash of your password that doesn’t allow us or anyone else to restore or see it.

  • Postal address. Note: Only if you require your full address on invoices, i.e. business orders.

  • IP address.

  • Machine-ID hash. Note: A unique hash of a combination of several hardware component serials, used to assign and protect licenses. Serials can’t be restored from the hash.

  • License key.

  • Location on country level. Note: Based on publicly available information about your IP. 

We explicitly do not store any credit card information, as online orders are processed by our trusted e-commerce partners.

For a more detailed list of the types of data we collect, store, and use, please review our updated Privacy Policy and Terms of Service.

Does any of my data leave the EU?

Yes. Emsisoft uses third-party applications to host customer data, provide other infrastructure, and perform other service functions. Some of these third-party services are hosted outside of the EU. All of our third-party service providers are hosted in countries which obey strict and lawful standards of security.

I’m not an EU Citizen. Will you treat my data security differently?

No. All our customers can expect the same level of data security regardless of location and nationality.

What is the General Data Protection Regulation?
https://www.emsisoft.com/en/help/1913/what-is-the-general-data-protection-regulation/
Mon, 14 May 2018 00:15:05 +0000
What is GDPR?

The General Data Protection Regulation (GDPR) is a new set of rules to give EU citizens back control over their personal data, and to simplify the regulatory environment for business.

When does it come into effect?

The GDPR will come into effect by May 25, 2018.

Will Emsisoft be GDPR compliant by the deadline?

Yes.

Vulnerability report
https://www.emsisoft.com/en/help/1760/vulnerability-report-en/
Fri, 08 Jan 2016 21:00:59 +0000
Emsisoft would like to thank independent security researchers who help us to improve our products. If you have found a new vulnerability in our products that can be used to threaten the security of a computer, please immediately let us know via security@emsisoft.com.

The following vulnerabilities have been disclosed:


2019-01-02: ACL bypass in Emsisoft Protection Platform driver

Description:

EPP.sys in Emsisoft Anti-Malware versions prior to version 2018.12 allows a local attacker to bypass its ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN. Without that flag, the security descriptor of the device object is not applied to open requests for names below the device, and therefore files and directories “inside” the \\.\EPP device are not properly protected. As a result, a local attacker may be able to use functionality exposed by the driver to enumerate and read process details they would normally not have access to.

Affected products:

All Emsisoft Anti-Malware versions prior to version 2018.12.

Fix:

The issue has been fixed in version 2018.12 and later, which was released January 2nd, 2019. Due to our rolling release model, all users received the fix automatically via their online updates and no manual intervention is required.

Acknowledgements:

Emsisoft would like to thank Nafiez for bringing this issue to our attention.


2016-01-08: Code execution and privilege escalation in installers

Description:

Installer packages of Emsisoft products have been found to be vulnerable to so-called carpet poisoning attacks. These allow for execution of third party code with elevated rights, in the event that the malicious code is already planted in DLL files using specific file names in the same folder where the installer packages are saved to and executed from.

Background:

The root cause of this issue is essentially the way in which Windows loads DLL files. While developers expect that system components are loaded from the Windows folder, Windows first looks for an equally named file in the same folder as the executable (EXE). This allows an attacker to plant a malicious version of a DLL in the same folder (e.g. via drive-by download) to get their malicious code executed with higher rights when the installer for the legitimate software is executed. Since installers require elevated rights, they pass on these rights to any other code they load, such as code in DLL files, allowing that code to gain higher rights than it would get when executed on its own.

Affected products:

The issue affects all Emsisoft installation packages (setups) that were compiled before 2016-01-08, in particular, EmsisoftAntiMalwareSetup.exe, EmsisoftInternetSecuritySetup.exe, and EmsisoftEmergencyKit.exe. You can verify the timestamp of signing in file properties under “Digital Signatures” (right-click on the file, select “Properties”, and click on the “Digital Signatures” tab to view this information).

Emsisoft code was never affected by this issue. The problem is limited to the installers (setup programs) that install our products on your computer, which are based on third-party installer technology.

Fix:

All installers were re-compiled with a fixed version of the installer technology on 2016-01-08.
Older installers may still be safely executed from any new folder that does not contain any other DLL files.

Security advice:

Since this generic problem affects a high number of installers from various vendors, it is recommended to never execute downloaded programs directly from unsafe folders like “Downloads” or “Temp”. You may want to set the permissions of those folders to deny execution and/or always move downloaded programs into new and empty folders before executing or running them.
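
The folder check and staging step recommended above, as an added Python example (not Emsisoft's code): it lists DLL files sitting beside an installer and copies the installer alone into a newly created folder. The function names, the staging base folder and the sample files are constructed for illustration.

```python
import shutil
import tempfile
from pathlib import Path


def sibling_dlls(installer: Path) -> list[str]:
    """Names of DLL files sitting in the same folder as the installer."""
    return sorted(
        p.name for p in installer.parent.iterdir()
        if p.is_file() and p.suffix.lower() == ".dll"  # Windows names are case-insensitive
    )


def stage_installer(installer: Path, base: Path) -> tuple[Path, list[str]]:
    """Copy the installer alone into a newly created folder under `base`.

    Returns the staged path and the DLL names found beside the original,
    so the caller can report them before anything is executed.
    """
    found = sibling_dlls(installer)
    fresh = Path(tempfile.mkdtemp(prefix="staged-setup-", dir=base))  # newly created, so empty
    staged = Path(shutil.copy2(installer, fresh))
    # The staged folder must hold the installer and nothing else.
    others = [p.name for p in fresh.iterdir() if p != staged]
    if others:
        shutil.rmtree(fresh)
        raise RuntimeError(f"staging folder not empty: {others}")
    return staged, found


def demo() -> tuple[list[str], list[str]]:
    """Constructed scenario: a download folder that also holds a stray DLL."""
    with tempfile.TemporaryDirectory() as tmp:
        downloads = Path(tmp) / "Downloads"
        staging = Path(tmp) / "Staging"
        downloads.mkdir()
        staging.mkdir()
        setup = downloads / "EmsisoftAntiMalwareSetup.exe"
        setup.write_bytes(b"constructed placeholder, not a real installer")
        (downloads / "EXAMPLE.DLL").write_bytes(b"constructed stray file")
        (downloads / "notes.txt").write_text("unrelated")
        staged, found = stage_installer(setup, staging)
        return found, sorted(p.name for p in staged.parent.iterdir())


if __name__ == "__main__":
    print(demo())
```
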

Acknowledgements:

Emsisoft would like to thank Stefan Kanthak for bringing this issue to our attention.

 
