Over the last couple weeks, since we received the Core Agent update to 2.19.8 on 10/4, we've had multiple older machines freeze completely. Screen freezes, no keyboard or mouse, NIC unresponsive. We have to do a hard shut down to bring them down and back up. Not positive that this update is the culprit, but on the computers that have been freezing 2 to 3 times a day, we uninstalled Sophos and they've been behaving for a couple days now.
Models affected: HP xw4400, HP xw4600, Z400. All have been running Win10 21H1 with last update back in September. "Newer" computers (e.g. Z420, Z4 G4) have not had this problem. Event logs show nothing out of the ordinary around the time of crash.
Just curious if anybody else has run into this in the last week.
If anyone is still having the issue, I suspect the issue is with some form of memory scanning.
If you use Process Hacker to inspect the memory (memory tab) of the audiodg,exe process, regardless of Sophos…
The following KBA has been published regarding this issue. - Advisory: Central Endpoint Computers reporting hangs after the update to Core Agent 2.19.8
An update has been applied from the back-end to disable the offending flag. If you continue to experience issues with this, I recommend opening a support case with our team to get the issue escalated.
It looks like the text is incomplete in the article:"A workaround has been made available to customers and the following action should"
It is my understanding that no action is required as the feature causing the issue has been disabled.
Disabling "Detect malicious behaviour" should no longer be required.
Can you confirm? Thanks.
Hmmm, so what else has been disabled that we don't know about???
You are correct, the KBA has been updated to reflect this as well.