3CX DLL-Sideloading attack: What you need to know
A multi-year endeavor in the making, the rollout of the next-gen scanning architecture has begun. This is a ground-up rewrite of functionality that touches nearly every aspect of Intercept X and delivers multiple benefits to customers.
Customers running the Endpoint Features Early Access Program will have seen these changes throughout the year - we will soon start to rollout this updated agent to all devices.
Starting in the new year we will make a change to devices running Core agent 2.20.11 that will remove the SAV component and migrate to a new updating infrastructure, SDDS3. Note: A device running 2.20.11 will not guarantee this change has been made. There are a number of ways to check if a device has been migrated to the new architecture the easiest is to see if the Sophos Anti-Virus component has been removed. This can be done directly on a device, or via Sophos Central by looking at the Component lists for devices.
The new updating URLs are already included in the Central Help documentation here: https://docs.sophos.com/central/Customer/help/en-us/central/Customer/concepts/DomainsPorts.htmlThe new URLs are https://sdds3.sophosupd.com/ & https://sdds3.sophosupd.net
Note: As we are removing the SAV component you should update any 3rd party integrations that you have that look for the presence of SAV on a device to indicate a protected client.
Hello, there are two steps to this rollout; the first is the software release which has completed for Endpoint with Server finishing next week. The next step sets the architecture changes; this started last week and will continue in small batches throughout the next few weeks.
Just checking to see if the rollout of this has begun yet or not; ours and most of our clients system have updated to 2.20.11 for the core agent but the old components are still there.
Hello, does someone know how to fasten up Agent updates? Our Agents are still on 2.20.4.1. If 2.20.10 is already out for about one and a half month I would like to know whether or not this is possible?
Hi Kim,
The Mac product has its own Early Access Program (EAP); we are releasing a new version (10.3.2) next week. This has several performance improvements but is not the same architectural overhaul as we have done on Windows. The work on Mac is part of the architecture changes that we made as part of the Big Sur release.
This new Mac agent will release to devices outside the EAP in February.
Regards,
Stephen
Will this update be available for Mac? If so, when?