'ROP' exploit prevented in Microsoft

Experiencing the same thing.

I'm having the same issues as well. 

I would also like to add that I am receiving the same error and cannot open Outlook.  So far only 1 user is affected.  Please advise.

I have a customer with the same thing. started today AEST @ 10:19:23 AM

only one customer at that site out of 15

I have tried to allowing it via the portal

still keeps blocking it

i have done the log PROCMON

but need credentials to your FTP site to upload as it is greater than 30MB

Today at around 10:51AM (PDT) I got the same issue with my Microsoft Office Outlook 2013. 

Looks like there are quite a few people having the same issue. Please advise. 

Hi All,

Our apologies for the inconvenience. This issue is identified by development and are actively investigating on the same. Moredetails are given in this advisory. Currently a work around is provided, however, a permanent solution shall be arrived at as soon as possible. This issue is witnessed on endpoints running newer version of Intercept X/Exploit prevention and also updated with the latest Windows update made available on October 18 2018.

Experiencing the same error except on Office 2016 on Windows 10 64bit across all office programs, safemode has no effect. Unable to use any office programs, currently only on one machine but there are pending sophos program updates to install upon reboot. We do not want this behavior to be present on any other machines.

Check the workaround sophos suggested

https://community.sophos.com/kb/en-us/132953

The mentioned workaround has fixed it for Outlook 2013. But Skype for Business 2013 is still blocked by Sophos because of the ROP exploit.

Hi Andrew,

Apologies for the delay. Please DM me your case number and I shall fetch you the FTP details to upload the logs ASAP.