Having just wasted an hour of my time on this, I wanted to add to the chorus of complaints about the fact there is no indication that this is a Sophos service - https://community.sophos.com/intercept-x-endpoint/f/discussions/80238/why-is-the-hitmanpro-service-installed-and-used-when-it-is-sophos-intercept
That post has been locked now so I've opened up a new one to express my annoyance. This has only been an issue for 5 years.
Furthermore, can you get you software writers to create a proper installation program that doesn't setup the service without a quote delimited path. This is a security "no no". Particularly impressive in a security product!
The path used for the service is:
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe /service
It should be:
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /service
All service paths that contain a space in the file path should be enclosed in quotes. Why is this? Read https://isc.sans.edu/diary/Help+eliminate+unquoted+path+vulnerabilities/14464
We will have to deploy a GPO to fix this because I'm not going around all our computers manually editing it.
This thread was automatically locked due to age.
