Thread Info
  • State Suggested Answer
  • +6 person also asked this people also asked this
  • Locked Locked
  • Replies 45 replies
  • Answers 4 answers
  • Subscribers 27 subscribers
  • Views 88810 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to satisfy a recurrent 'Security and Privacy' pop-up?

Dave Dudek

Hello,

I'm a new member. Joined because I've been clicking ignore for too long on an annoying pop-up and am hoping to actually solve it now. The pop-up states:

 

Sophos Endpoint

You need to change your 'Security & Privacy' settings in order to protect this computer.

Click 'Open Security & Privacy' and then click 'Allow' within the next screen.

 

In theory the next step is easy ... except there is no "Allow" option at the next screen. And so I am left with no choice but to repetitively hit "Close" to ignore the pop-up. I run 10.13.6 (High Sierra) on a 2018 MBPro, in case that helps anyone lead me to an alternative solution.

Thank you in advance for your time and attention.

~Dave 



This thread was automatically locked due to age.
Parents
  • 0

    Exact same problem for me.   Tried adding Sophos to my Firewall exclusion list but did not help.

     

    Mac High Sierra 10.13.6

    Macbook Air 2017

    Sophos Home Edition 9.7.7

     

    Please advise asap

  • 0 in reply to jeff s

    Hi  &  

    If you are using Sophos Home premium, you can open a support case form the Sophos Home Dashboard. 

    Refer: Contacting Sophos Home Support

    If the previously mentioned steps did not help you, please check if you have enabled multiple kext extension and see if you remove the unused ones. 

    note: If you are still facing the kext issue even after reinstalling the Mac OS, then the issue could be something else and might not be Sophos.

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Gowtham Mani

    I do not have premium.

     

    What does 'multiple kext extension' mean?

     

    what is a 'kext issue'?

     

    Clearly if 3 people are having the exact same problem, on just this thread, there's a Sophos issue.

     

    We're not going to reinstall our entire MacOS just because Sophos is buggy.

     

    Please escalate this issue to your manager.

  • 0 in reply to jeff s

    Hi  

    jeff s said:
    what is a 'kext issue'?

    Due to a new security mechanism that Apple has released with MacOS 10.13 called Secure Kernel Extension Loading (SKEL), all non-Apple kernel extension (what we use to intercept files, etc) vendors must be manually added to a trusted list (Any user can add this). This allows the kernel extensions to load and is required for Sophos Anti-Virus to function properly. All third-party vendors are impacted by this change and it is not possible to work around this requirement.

    Note: Due to an Apple security restriction, this cannot be done via a remote desktop connection. There must be a locally logged in user. 

    1. After installing Sophos Anti-Virus go to Security & Privacy in the Apple System Preferences window.
    2. Near the bottom of the window, it will list the blocked Kernel Extensions (kexts) by Sophos. Click the Allow button.

    Please try out the previously mentioned suggestions to see what is preventing Sophos kext from getting enabled.

    To check if they are already enabled open the Terminal window in your mac client and enter the below command.

    sqlite3 /var/db/SystemPolicyConfiguration/KextPolicy "SELECT * from kext_policy”

    The expected output should be as shown in the below image.

     

    Or try the troubleshooting suggested in the KBA - MacOS: Secure Kernel Extension Loading troubleshooting

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Reply
  • 0 in reply to jeff s

    Hi  

    jeff s said:
    what is a 'kext issue'?

    Due to a new security mechanism that Apple has released with MacOS 10.13 called Secure Kernel Extension Loading (SKEL), all non-Apple kernel extension (what we use to intercept files, etc) vendors must be manually added to a trusted list (Any user can add this). This allows the kernel extensions to load and is required for Sophos Anti-Virus to function properly. All third-party vendors are impacted by this change and it is not possible to work around this requirement.

    Note: Due to an Apple security restriction, this cannot be done via a remote desktop connection. There must be a locally logged in user. 

    1. After installing Sophos Anti-Virus go to Security & Privacy in the Apple System Preferences window.
    2. Near the bottom of the window, it will list the blocked Kernel Extensions (kexts) by Sophos. Click the Allow button.

    Please try out the previously mentioned suggestions to see what is preventing Sophos kext from getting enabled.

    To check if they are already enabled open the Terminal window in your mac client and enter the below command.

    sqlite3 /var/db/SystemPolicyConfiguration/KextPolicy "SELECT * from kext_policy”

    The expected output should be as shown in the below image.

     

    Or try the troubleshooting suggested in the KBA - MacOS: Secure Kernel Extension Loading troubleshooting

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Children
Unfiltered HTML