Invalid digital signature for SophosED.sys

Hi. We joined to the EAP on Apr 14th. It all ran fine until today. After shutting down all the computers, today they didn't boot. Windows was complaining about an invalid digital signature on SophosED.sys.

Only until we disabled the driver signature enforcement we were able to boot again those machines.

We rolled back to 2.6.0 and everything went smooth.

Here the versions currently running on the computers.

--

Sophos Anti-Virus 10.8.6.215
Sophos AutoUpdate 6.2.1.1
Sophos Clean 3.8.8.118
Sophos Endpoint Defense 2.2.1.1467
Sophos Endpoint Firewall 1.1.0.0
Sophos Endpoint UI 1.7.957.0
Sophos File Scanner 1.7.91.0
Sophos Health 2.4.7.0
Sophos HitmanPro Alert 3.7.15.446.446
Sophos Live Query (64-bit) 2.0.1.316
Sophos Machine Learning Engine 1.5.3
Sophos Management Communications System 4.12.179.0
Sophos Network Threat Protection 1.10.151.0
Sophos Self Help Tool 2.7.1.2
Sophos Standalone Engine 1.5.10
Sophos Threat Detection Engine 3.78.5.12
Sophos Uninstaller 1.8.1.1

 

--

as reported by Central.

I'm not sure if something was wrong with yesterday updates.

We can try to get a SDU from this computers if required.

Greetings,

  • Hi Gera,

    I don't think we hvae any other reports of similar issues, but if you could supply an SDU I can get someone to take a look.  Any chance you can email it to interceptbeta[at]sophos.com?  You can mention this thread in the mail if you like.

    Thanks,

     

    Kevin

  • I guess. But the thing is, we installed the EAP on nearly 20 machines and all of them experienced this on that day. After that, we had to boot without the signature validation on windows (and having to do physically that under quarantine was a problem), and then definitely rolled back to the stable version.

    We ran SDU from Central on some computers back on that day. Let me check if we can find them, and will send information of it to interceptbeta.

    Greetings.