Kaspersky
Question

Kaspersky Endpoint Security Cloud - 'Protection may be at risk'?

  • 24 November 2020
  • 8 replies
  • 223 views

Hi all:

 I’m preparing for a ‘rollout’ of KES Cloud, and the three devices we’ve installed on so far have this notice that says ‘Protection may be at risk’.

I know that in the past, on other machines with other programs I’ve been able to solve the issue by running scans or making sure the code/key is the correct one. There’s even a solution for Kaspersky Internet Security, which is to clear the reports.

Seeing nothing else for solutions, I tried that. It didn’t work.

 

Is this something to do with the fact that we only have Cloud and all the Cloud Plus features are listed but not available?

 

Has anybody seen this? Is there a solution that nobody is talking about?


8 replies

Userlevel 6
Badge +5

You get notification “Protection may be at risk”, because some installed protection components (not control components) are in a “Stopped” state.

Ok. I’ve looked, I can see the stopped component, but how do I start it? It’s greyed out and there seems to be no corresponding area in the web portal.

Userlevel 6
Badge +5

Configuring protection components on Windows devices:https://support.kaspersky.com/Cloud/1.0/en-US/130380.htm

Hi. I too have the same issue. The PROTECTION component (not CONTROL component) on the system that is having the issue is the AMSI Protection. I’m not even certain if I am to turn that to ON. Can you please advise? Thank you.

I went and looked up the role of AMSI in Microsoft Windows:

Antimalware Scan Interface (AMSI) - Win32 apps | Microsoft Docs

 

As far as the Cloud Management Console, it’s not even mentioned:

 

 

Thank you for sending over that info from MS. I agree - AMSI is no where to be found in the Console or in the help files. I only discovered this when I sent a distribution package to a new computer in our network and THAT computer received the version 11.5.0.590 and IT has this error you are discussing. My main computer that runs Kaspersky using the Cloud Console still only has 11.4.0.233 and I came over here to find out why my two systems have different versions/why the main system is not automatically updating and then I saw your post which had this issue with the newest update. It’s becoming very confusing for me and time consuming and I find it very, very difficult to find an answer to a problem quickly so I can ensure we are all protected and running as we should be. So, thank you again for providing me that info from the Microsoft website. Problem now is that the protection AMSI is not accessible to ‘turn on’ so I remain in the same situation. I hope someone reading this can help us both resolve this issue. Thanks again!

Badge

Oh no... I was wondering about this.. I to am about to roll out to a group of users. I have the same message and thought it was because I was running on trial. I've purchased licences and am due to apply them before the trial ends and I was hoping this message would go away.

I have Users and if they see this.. I'll have constant requests to resolve it as it suggests something's wrong.

I’ve been told to basically ignore it. So I’ve been telling users the same. It’s all we can do unless you care to officially lodge a complaint about it. 

I’ve been researching AMSI in the background as well, trying to figure out of if the issue is that it’s Win32...odd, for a security program...maybe I have to grumble to Microsoft to get some answers. It does seem like a lot of Antivirus/Firewall and Gateway applications, such as SOPHOS were moving to include AMSI integrations as of Fall 2019. 

 

If anybody else has any other information, or has seen AMSI in action outside of UAC notifications and PowerShell, I’d love to know.

Reply / Ответить