Jump to content
cdaniel

KES 11 blocking webcam in Zoom

Recommended Posts

I have KES 11.0.0.6499 managed from a KSC 10.5.1781 server.  The PC has a webcam.  When I try to use the webcam in Zoom it doesn't show the video.  When I use the webcam in Skype it works fine. Both Application Control and Device Control are disabled.  I was able to narrow it down and discovered that when I disable Host Intrusion Prevention the webcam works in Zoom.  When I re-enable Host Intrusion Prevention the webcam stops working again.  This makes me think Kaspsersky is classifying Zoom as an Untrusted app, but when I open the list on the PC is shows Zoom as Trusted.  I added zoom.exe to the list of Trusted Applications in the Exclusions section, but that had no effect.

How can I get the camera to work in Zoom without disabling Host Intrusion Protection?

Thanks

Charlie

Share this post


Link to post

Hello!

Would you please collect a full GSI repost with eventlogs and also please collect the KES traces with only the faulting component enabled. 

Thanks!

Share this post


Link to post

I had this same issue last week and was able to resolve by whitelisting C:\Program Files\Zoom and C:\Program Files (x86)\Zoom in our KES 11 policy. I confirmed Kaspersky was adding Zoom Sharing and Zoom Meetings to the Low Restricted group, which blocks app access to cameras and microphones. Manually moving to Trusted didn't seem to solve the issue.

Share this post


Link to post

I won't be able to get those logs until next week, but I can try to whitelist.  I already did whitelist zoom.exe, but not both the 64 and 32 bit paths, so I'll give that a go.  Thanks.

Share this post


Link to post
3 hours ago, cdaniel said:

I won't be able to get those logs until next week, but I can try to whitelist.  I already did whitelist zoom.exe, but not both the 64 and 32 bit paths, so I'll give that a go.  Thanks.

Please let us know the result.

To verify whether KES actually treats this application as Trusted or Low Restricted, check Intrustion Prevention reports in KES. Enable "Application Privilege Control rule triggered" event to monitor its activity.

Thank you.

Share this post


Link to post

I couldn't ever get it to show up in the list of application in the Host Intrusion Prevention settings in the KSC policy, so I couldn't force it to Trusted.  I could force it to Trusted if I disabled the policy on the KSC and manually set on the client.  

So I went to the Trusted Applications section under the Exclusions settings and I added this (%userprofile%\AppData\Roaming\Zoom\bin\zoom.exe) and it allowed the camera to be used in Zoom.  Not sure why I couldn't get it added to the Hosted Intrusion, but it works so the client is happy.

Share this post


Link to post
3 часа назад, cdaniel сказал:

 Not sure why I couldn't get it added to the Hosted Intrusion

Hello!

This can be caused by not selected option "About started applications" in KES policy->Global settings->Reports and storage-> Data transfer to Administration server -> Settings

3 часа назад, cdaniel сказал:

... so the client is happy.

Can we mark this topic as solved?

Thank you!

 

Share this post


Link to post
3 hours ago, Dmitry Parshutin said:

This can be caused by not selected option "About started applications" in KES policy->Global settings->Reports and storage-> Data transfer to Administration server -> Settings

 

This option is selected already in the policy.  Any other suggestions?

 

3 hours ago, Dmitry Parshutin said:

Can we mark this topic as solved?

Only if you can't answer my above question.

Thanks

Charlie

Share this post


Link to post
42 минуты назад, cdaniel сказал:

This option is selected already in the policy.  Any other suggestions?

Please provide us with export of active policy of KES and Network Agent.

Thank you!

Share this post


Link to post

I spoke too soon actually.  The issue was only resolved on my test PC because I had manually set zoom.exe to Trusted after disabling the policy.  When I re-enabled the policy it stayed in Trusted and worked.  But when I tested on a different PC it still blocked the camera.  I've attached the KES11 and Agent policy.

agentpolicy.klp

kes11policy.klp

Share this post


Link to post

I'm ready to work on this again.  Were you able to review the policy I uploaded and see why the camera is being blocked in zoom?

Share this post


Link to post

Hi,

Please correct at Trusted zone settings for zoom.exe and enable all avaliable exclusions for that file.

Please let us know about result.

Thank you!

Share this post


Link to post

Can you be specific about where you want me to do that?  I've added exclusions where I thought I should and it still didn't work.  Thanks.

Share this post


Link to post

Enabling "Do not block interaction with the application interface" allowed the camera to work. 

 

Thanks.

 

Share this post


Link to post

Sorry, but I have to re-open this issue.  

We have an additional user that has their camera blocked by Kaspersky in both Zoom and Skype for Business.  We can not get them to work without turning off the Host Intrusion Prevention system even if we use the exclusion mentioned above.  This is still using the same policies I posted earlier.  If I disable the global policy above and then go to the client and manually set Zoom in the Host Intrusion Prevention system to "Trusted" then it works fine.  But on the global policy Zoom does not show up under the applications  even though I have the "About started applications" option enabled in the settings specified earlier in this thread.

I think we need to work on getting Zoom and Skype for Business to show up in the list of applications in the Host Intrusion Prevention system so that I can add them to Trusted.  Make sense?

 

Thanks

Charlie

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.