2 of our Mac OS endpoints are showing the same high severity alert. Both of these were installed by the end-user using an installer and instructions that we provided for them. I'm wondering if they failed to give Sophos the correct security permissions at the end of the install process. Unfortunately is has been hard to get a hold of them. I sent them this link https://support.sophos.com/support/s/article/KB-000039014?language=en_US but never heard back. I have 2 main questions:
1. These alerts are marked as having occurred 8 days or more in the past and everything but the "legacy" services are showing as running.. Does that mean that they are ongoing or that they have been resolved and I should simply acknowledge them? The alert shows up in the device's Status page ( screenshot below ) and the customer's "Alerts" section in Sophos Central Admin.
2. If this is an ongoing issue what is the best way to resolve it? There is a "Reinstall Endpoint Protection" option available but I'm thinking maybe connecting to the machines via remote control and using the instructions in the link above would be more reliable.
This thread was automatically locked due to age.
