cancel
Showing results for 
Search instead for 
Did you mean: 
crcurran
Active Contributor

'Kaspersky Software Updater' keeps installing, but I got rid of Kaspersky AV

I kept finding it on workstations here and there.  I would uninstall thinking I missed it, but I continued to find it.  I thought maybe there was a remaining workstation acting as a repository and installing the Updater, or a Windows DC Server GPO installing silently.  Never could find workstations nor any GPOs. 

 

I spent hours looking around on the Internet to solve this problem.  I finally found it Logmein without telling me when I turned 3rd party application updates that they would be silently installing Kaspersky Russian Software.  You know, the Russians, who all 17 Intelligence agencies in the US say is hacking our elections and numerous other infrastructure systems in our country and most of the rest of the World.

 

Russia is untrustworthy.   Plenty of information to chew about that:  https://www.google.com/search?q=ties+between+Kaspersky+and+russia&rlz=1C1GGRV_enUS787US787&oq=ties+b...

 

This isn't acceptable not being notified the technology being used for 3rd Party application updater.

 

1 ACCEPTED SOLUTION

Accepted Solutions
GlennD
GoTo Manager

Hi @crcurran,

 

I understand your concern and would like to reassure you and all of our Central customers, that we closely monitor and review all 3rd party software that we use.  Disabling the Automatic Updates feature will result in the software being removed but, there is also a One2Many script that you can run. I have shared your feedback with the product team.

 

Glenn is a member of the GoTo Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!

View solution in original post

18 REPLIES 18
rjp-sh
Active Contributor

On many of my users I have recently noticed that 'Kaspersky Software Updater' was installed around the last week of August. As my users do not have permissions to install software and because most of them have this it I can only assume that with the latest LogMeIn updates that this software was installed by them.  With the controversy surrounding Kaspersky it seems this is a bad move on LogMeIn's part - to auto install controversial software on customers machines with no warning or notification. 

 

If people would like to opt-in to this service that seems fine - but to automatically take this step it seems to be a breach of trust on LogMeIn's part.  Is there a way to opt out of this service and remove this software from the LMI Central Control Panel?

 

Tags (1)
vinemt
Active Contributor

It looks like LogMeIn autoinstalled Kaspersky Software Updater without asking. Additionally, it was installed in an insecure manner introducing a vulnerability on every machine on my network. It installed the KSU service and gave "Everyone" control over the service therefore unprivileged users can modify the properties of this service, allowing an unprivileged, local attacker to execute arbitrary code or commands as SYSTEM.

 

https://support.microsoft.com/en-us/help/914392/best-practices-and-guidance-for-writers-of-service-d...

 

https://msdn.microsoft.com/en-us/library/ms685981(VS.85).aspx

 

This is Unacceptable. Additionally, there doesn't seem to be a silent uninstaller, which means every system must be visited.

 

LogMeIn - where do you get off autoinstalling Kaspersky software onto our machines?

vinemt
Active Contributor

Silent uninstall string is

msiexec.exe /x{DEEDA858-A9B4-4212-8873-2F2CE2706E68} /qb

 

It may be part of their new 3rd party software updater system, so if you use that check for further guidance. We don't.

I'll post back if the software recurs after this removal.

 

Edit 10/27/17 - So far, no recurrance of the installs.

BangHeadHere
New Contributor

last week LMI "somehow" installed Kaspersky on hundreds of our company computers and uninstalled the Anti-Virus that we were running already

Vitor_M
Retired GoTo Contributor

Hello,

 

The Kaspersky software updater should only be installed if you opt a computer to be part of the Applications feature. ( in your Central console, under application you need to set a computer to be either Automatically update or Manually update) if neither of those are checked the program does not get installed. 

 

@BangHeadHere the Kaspersky Endpoint Protection software will attempt to uninstall any local av's it finds, but again the admin needs to choose to push the KES to the users. 

 

Best,

 

Vitor 

Vitor is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
vinemt
Active Contributor

We use a different application for 3rd party software so I actually had "Application Updates Disabled" set on every computer on my network since LMI's application update inception. When this went down, my Nessus scans revealed that LMI had installed the Kaspersky updater on every machine on my network, servers included. It was flagged as a Critical vulnerability on my network since it installs with improper permissions set on its .dlls

rjp-sh
Active Contributor

Vitor, 

 

This is incorrect. On all of the computers in my account this software was installed. None of them are marked for automatic updates. LogMeIn should stop misleading its customers when it knows better. 

 

LogMeIn is either guilty of incompetence or negligence - in either case its business practices are shady. 

davek
Active Contributor

I don't think they have to be marked for automatic updates in Windows.  If they are subscribed to Application Updates in LogMeIn Central, Kaspersky Software Updater will be installed.  

GlennD
GoTo Manager

Hi @crcurran,

 

I understand your concern and would like to reassure you and all of our Central customers, that we closely monitor and review all 3rd party software that we use.  Disabling the Automatic Updates feature will result in the software being removed but, there is also a One2Many script that you can run. I have shared your feedback with the product team.

 

Glenn is a member of the GoTo Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!