Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 28 replies
  • Answers 2 answers
  • Subscribers 6 subscribers
  • Views 94801 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Version 9.4 Now Available

bobcook

Hello everyone,

We have published a new installer for the 9.4 release to sophos.com:

www.sophos.com/.../sophos-antivirus-for-mac-home-edition.aspx

When you download the installer it will upgrade an existing installation to version 9.4, if you are still running 9.2.

New features in this version:

  • Detection and cleanup of Potentially Unwanted Applications (adware, spyware, and certain remote access tools fall into this category)
  • Updated Quarantine Manager user interface
  • Faster and more stable Web Protection filtering
  • Faster boot times due to cacheing of previously scanned system files
  • Compatible with the System Integrity Protection feature on Mac OS X El Capitan (10.11)
  • More reliable updating code when the network condition is less than ideal (you might have heard about this issue in these forums)
  • Numerous security and stability improvements

The detection of PUAs for the On-Access scanner will be enabled automatically. These applications will be blocked from running automatically. Its possible we will detect tools that you are using as part of your daily routine - if so you can “authorize” their usage from the new Quarantine Manager window. You can later undo this choice by visiting the Authorizations preferences panel.

Custom scans can also detect and optionally clean up PUAs when detected. Newly created Custom Scans will also enable PUA detection automatically. Check out the Options tab for each scan definition. If you are upgrading from 9.2 your existing Custom Scans will not be changed.

As of Thursday September 25, 2015 all existing installations should automatically upgrade to 9.4.0.

Thanks from the SAV for Mac engineering team!



This thread was automatically locked due to age.
  • 0

    I installed the 9.4 and I'm now getting prompts (not sure exactly when or what triggers these) from Little Snitch to allow SophosConfigD via "macep.feedback.sophos.com" on Port 443.

    That's not something I ever encountered with the previous version. Can you please explain what its purpose is. What data from my system is being sent outbound back to Sophos?

  • 0 in reply to brvx
    Bob, I'd really like to get an answer to this question. I hadn't been allowing ConfigD (via Little Snitch) and when I mounted an external drive, Intercheck was pinning the CPU at close to 100%, and everything was almost frozen. Then when I tried to force quit Intercheck to stop the freezing, I got a kernel panic.

    None of this happens if I allow ConfigD, which I was forced into doing to avoid the freezing when an external is mounted.

    I still want to know what ConfigD is doing and what, if any, data it's phoning home with.
  • 0
    I am using the free version of Sophos for years, without major issues. After updating to 9.4 Sophos worked fine until the 1st automatic update. In my case after the 1st AutoUpate "on Access scanning" is deactivated. And I am not able to activate it again. I also tried a complete uninstall and installed Sophos again. The problem always occurs after the next Auto Update.
    Anybody else with this problem?
  • 0 in reply to brvx

    Also, new problem with the 9.4. Couldn't install an Office 2011 security update. Intercheck was pinning the CPU and wouldn't let go. Had to force quit Intercheck. I am thinking that this 9.4 is more trouble than it's worth.


    I've uninstalled the 9.4 and reverted to the 9.2.7 until the bugs get worked out.

  • 0 in reply to brvx
    I'm also having too many problems with 9.4, and would like to revert back to 9.2.7. Does anyone have, or know where I can download version 9.2.7?
  • 0 in reply to brvx
    I don't think the ConfigD behavior is related to the panic. Forcefully killing InterCheck could cause a panic (InterCheck uses a kernel driver to do some of its work). Seems bizarre. Can you get a sample of InterCheck (rather than killing it) so we can see what it might be up to.

    I'll post a top-level article about the information the product sends to Sophos, including the new changes in 9.4. I completely understand why this is a sensitive issue.

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development

  • 0 in reply to Bolt1963
    Can you send me a copy of the log file /var/log/install.log, we can probably figure out what is going wrong from that. Thanks.

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development

  • 0 in reply to bobcook

    >>Can you get a sample of InterCheck (rather than killing it) so we can see what it might be up to.

    Bob, I've decided to stay with the 9.2.7 until the update to 9.4.x becomes unavoidable. Perhaps this issue will be resolved at your end by then. For now, the Intercheck problem is too much of a hassle. When I'm on the 9.4.x again, I can get you a sample of Intercheck from Activity Monitor, if and when I have to do an Office update, or if some other update or who knows what makes Intercheck go nuts--that is, if it causes the same problem,which, hopefully it won't.


    No idea why, but I definitely had to allow SophosConfigD to connect, from Little Snitch, if there was an external drive mounted. If not, Intercheck went bananas with the CPU.

     

  • 0 in reply to bobcook

    I found in /Library/Caches/com.sophos.sav/ a file called cache.dat (0 byte). Deleting this file enabled on access scan again.

    Unfortunately you have to delete this file after each new update.

  • 0 in reply to Bolt1963
    Unfortunately this does not work for me with Mac 10.6.8, and Sophos refuses to run with the error message "Configuration daemon is not running." I'm returning to Sophos 9.2.7 till the bugs get worked out of 9.4.
Unfiltered HTML