Critical software update

  • September 5, 2023
  • 3 min read

Over the years, we have established a regular monthly release cycle for our products and we’re usually able to update the software without the need for a system reboot. In fact, a reboot is only required when we update driver components. Typically, this does not happen more often than 1-2 times a year.

However, due to an external factor outside of our control, we are forced to deviate from our regular release cycle and must also ask you to immediately reboot your computer.

Please update AND reboot!

We urge all our customers to make sure automatic updates are enabled in Emsisoft Anti-Malware, Emsisoft Business Security and Emsisoft Enterprise Security and reboot their computers before September 22nd, 2023.

Not doing so will likely result in a software malfunction that will require re-installation of the software to fix. 

We apologize for any inconvenience this causes.

What happened?

Protection software like ours is digitally signed with a certificate that warrants the files are authentic, published by us, and in a non-manipulated state. Microsoft sets a high bar specifically for the antivirus industry and requires not just regular code signing certificates, but also Extended Validation (EV) code signing certificates that are protected by a FIPS 140-2 Level 2-compliant cryptographic device to ensure certificates cannot be stolen and misused.

Code signing certificates must be renewed every 12 months, with an extensive validation process by the certificate authority that issues the certificates. In our case, GlobalSign. Validation includes proof of address of the company, business register validation and more.

On August 23rd, we renewed our EV code signing certificate as usual. Verification went fine and we received a new certificate. All program files compiled by us after that date made use of the new certificate, including the 2023.9 release published on September 4th.

Yesterday, GlobalSign reached out to us letting us know that they made a mistake with our certificate: namely, they entered our business number incorrectly. This means they must revoke the certificate on September 22nd and re-issue a new one with the correct business number.

We have received a new, corrected certificate today and immediately re-signed all files that were previously signed by the to-be-revoked certificate. The new files are available through the online update of our products and we expect that the vast majority of our customers will automatically receive the new version before the old certificate gets revoked.

However, to complicate matters further, we published a new driver component for the new rollback feature in version 2023.9. That driver file requires a reboot to install a new version of the file, and this is why we need you to not just update the software but also reboot your device before the revocation deadline.

When a certificate authority revokes a certificate, all software files that have been signed with it will produce a security warning, and drivers may not load at all. This essentially breaks the protection, including the ability to run online updates. If that happens, only a re-installation of the software will resolve the issue.

We apologize for the inconvenience this may cause, but reiterate that it was completely outside of our control. Unfortunately, there is nothing we can do to prevent situations like this from happening, and GlobalSign has rejected multiple requests to extend the deadline for revocation. It goes without saying that we are far from happy with the way GlobalSign has handled this issue.

Be assured that we will continue to work to minimize the impact of this issue for our customers.

If you have any questions, please don’t hesitate to reach out to our customer support team.

Emsisoft Enterprise Security + EDR

Robust and proven endpoint security solution for organizations of all sizes. Start free trial

 

Emsi

Emsi

Emsisoft founder and managing director. In 1998 when I was 16, a so called 'friend' sent me a file via ICQ that unexpectedly opened my CD-ROM drive, which gave me a big scare. It marked the start of my journey to fight trojans and other malware. My story

What to read next