Please note: Advisory: SafeGuard File Encryption Engine - build 29 withdrawn
Overview
With the introduction of the mini file filter driver, which is part of SafeGuard Enterprise as of version 8.10
, Sophos provides regular File Encryption Engine updates that just contain improved filter drivers. These updates are provided as Windows Installer Patch files (*.msp
) to allow an easy installation and deployment. As these updates are cumulative, Sophos recommends using the latest version.
In this post you can download build version 29
of the filter driver engine. An overview of all File Encryption Engine Updates is available here.
Resolved issues (new in File Encryption Engine build 29)
Reference | Symptom / Summary |
---|---|
DPSGN-15338 | Sporadic file corruptions when storing XLS files using Microsoft Office 2003 or 2007 |
DPSGN-15014 | Generic improvements to prevent file locks during shutdown/restart. |
DPSGN-15436 | Deleted encrypted files occasionally cannot be recovered and show huge size in recycle bin |
DPSGN-15441 | Bluescreen / BSOD (Bugcheck 0xd4) on endpoints with Xerox Docushare software installed |
DPSGN-15431 | Windows subsystem for linux no longer working (lxssmanager does not start) on Windows 10 version 1903 (19H1) |
Resolved issues (already part of File Encryption Engine build 28)
Reference | Symptom or Summary |
---|---|
DPFEE-1173 | Local cache corruptions during an update to Windows 10 October 2018 update (W10 version 1809 ) |
DPSGN-14307 | Explorer performance issues in combination with cached files from Windows Quick Access |
DPSGN-14462 | Increased saving time for files located on network locations (specific applications). |
DPSGN-14525 | Access rights issues when running specific applications. |
DPSGN-14639 | Bluescreen Bugcheck 0x3b (SYSTEM_SERVICE_EXCEPTION) on Windows 10 version 1809 endpoints |
DPSGN-14511 | Performance improvements (boot and runtime) |
DPSGN-14853 | Cannot open encrypted Quickbooks project (other applications potentially affected as well), when SafeGuard File Encryption filter driver is active. |
DPSGN-14771 DPSGN-14806 DPSGN-14842 |
Several boot performance improvements. |
DPSGN-14995 | High performance impact when accessing files on network shares which are not covered by an encryption rule (requires BypassFilesWithoutPolicyVolumes registry key - see KB132922 for details). |
DPSGN-14945 | User is unable to save file certain file types (e.g. docx, xlsx). |
DPSGN-14987 DPSGN-15016 |
User gets file in use error when opening or saving xlsx files on network location. |
DPSGN-14513 | License check of 3rd party application (Dataflex) fails - (requires BypassFilesWithoutPolicyVolumes registry key) |
DPSGN-14856 DPSGN-15051 |
File Encryption driver slows down Windows explorer and search operations on network shares. |
DPSGN-15186 DPSGN-15188 DPSGN-15189 DPSGN-15190 |
Important security fixes and improvements. |
DPSGN-15245 | Files located on a WebDAV share, occasionally cannot be deleted when file encryption minifilter is active. |
DPSGN-15014 | Compatibility improvements (requires additional registry modification) |
DPSGN-15265 | System might become unresponsive after re-inserting an encrypted optical media |
DPSGN-15261 | SGPortable.exe (and msvcr71.dll and msvcp71.dll) get encrypted by initial encryption |
DPSGN-15241 | SafeGuard Services not running after update to Windows 10 version 1903 (19H1). This only affects installations of File Encryption Engine build 26. |
DPSGN-15209 | Compatibility improvement for Sophos Central Intercept X with EDR. |
DPSGN-15267 | Potential file corruptions when creating PDFs from Catia (Dassault Systèmes). |
DPSGN-15306 | File encryption filter removes SmartScreen block functionality from file properties. |
Download and installation
The File Encryption Engine Update build 29
can be applied to SafeGuard Client version 8.10.0.323,
8.10.2.55 and 8.20.0.83
. It automatically updates previously installed File Encryption Engine Updates.
The installers for version 8.10.x can be obtained from this download link.
The installers for version 8.20.x can be obtained from this download link.
Installation for 32-bit OS
If the SafeGuard Client is already installed
- Copy the installer patch files to the corresponding endpoint(s)
- Apply the SafeGuard File Encryption Engine update. Example (based on version 8.10):
msiexec /update "C:\Install\File Encryption Engine for SGN 8.1 Build 29.msp"
- Reboot the endpoint for the changes to take effect
Installation together with SafeGuard Client
- Copy the SafeGuard Client and the installer patch files to the corresponding endpoint(s)
- Install the SafeGuard Client together with the File Encryption Engine update. Example (based on version 8.10):
msiexec /i C:\Install\SGNClient.msi PATCH="C:\Install\File Encryption Engine for SGN 8.1 Build 29.msp"
- Reboot the endpoint for the changes to take effect
Installation for 64-bit OS
If the SafeGuard Client is already installed
- Copy the installer patch files to the corresponding endpoint(s)
- Apply the SafeGuard File Encryption Engine update. Example (based on version 8.10):
msiexec /update "C:\Install\File Encryption Engine for SGN 8.1 Build 29_x64.msp"
- Reboot the endpoint for the changes to take effect
Installation together with SafeGuard Client
- Copy the SafeGuard Client and the installer patch files to the corresponding endpoint(s)
- Install the SafeGuard Client together with the File Encryption Engine update. Example (based on version 8.10):
msiexec /i C:\Install\SGNClient_x64.msi PATCH="C:\Install\File Encryption Engine for SGN 8.1 Build 29_x64.msp"
- Reboot the endpoint for the changes to take effect
How to verify if the patch is applied
After the installation, you can see the new File Encryption Engine in the Installed Updates section of Programs and Features.
As this package just contains new filter drivers and no other products components, this update does not change the version or build number of the installed SafeGuard Client. In the SafeGuard Management Center version 8.20, the file filter engine version of this update (3.0.0.31) is also listed in the installed features list of the Client.