This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Why is the Hitmanpro service installed and used when it is Sophos Intercept? And why does it install with an insecure service path?

Having just wasted an hour of my time on this, I wanted to add to the chorus of complaints about the fact there is no indication that this is a Sophos service - https://community.sophos.com/intercept-x-endpoint/f/discussions/80238/why-is-the-hitmanpro-service-installed-and-used-when-it-is-sophos-intercept

That post has been locked now so I've opened up a new one to express my annoyance. This has only been an issue for 5 years.

Furthermore, can you get you software writers to create a proper installation program that doesn't setup the service without a quote delimited path. This is a security "no no". Particularly impressive in a security product!

The path used for the service is:
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe /service

It should be:
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /service

All service paths that contain a space in the file path should be enclosed in quotes. Why is this? Read https://isc.sans.edu/diary/Help+eliminate+unquoted+path+vulnerabilities/14464

We will have to deploy a GPO to fix this because I'm not going around all our computers manually editing it.



This thread was automatically locked due to age.