This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Windows 7 OS Updates blocked since October

Hi all.

We have some legacy Windows 7 machines, all with valid ESU licenses from Microsoft.

These machines have been getting and installing updates via our WSUS servers for months without issue.

Recently, we've noticed that they fail to apply OS updates, although updates to other apps (e.g. Office) install without issue.

These installations fail after the 'restarting to apply update' phase.

Uninstalling the Endpoint product allows these updates to be installed without issue.

Anyone else seen anything similar?

Thanks in advance,

Mark



This thread was automatically locked due to age.
Parents
  • Hi ,

    Apart from uninstalling the endpoint, have you tried any other troubleshooting around this? I'd recommend you try isolating the component by following this KBA and see if switching off one of the components resolves the issue. - https://support.sophos.com/support/s/article/KB-000036572?language=en_US

    Thanks,
    Yashraj Singha
    Manager | Global Community Support
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi Yashraj...thanks for your reply..I work closely with Mark, and we have already tried this, infact we turned off all features but as the issue is at point of restart when it applies the configuration of the updates, sophos obviously resets itself back to normal after a restart. We have tried all the below also already;

    HMPA Isolation:
    a) Access the Services and stop then disable the following service:HitmanPro.Alert service
    b) Access the following folder: C:\Windows\System32\
    c) Rename hmpalert.dll to hmpalert.orig
    d) Access the following folder: C:\Windows\SysWOW64\
    e) Rename hmpalert.dll to hmpalert.orig
    f) Reboot the device

    SAV Isolation:
    a) Access the Services and stop then disable the following service: Sophos Anti-Virus
    b) Reboot the device

    Sophos Endpoint Defense Isolation:
    a) Access the following folder: C:\Windows\System32\drivers\
    b) Rename SophosED.sys to SophosED.sys.orig
    c) Reboot the device

    Nothing has helped as yet..apart from simply removing the Sophos Central client itself from the system. 

    however on the above, we have not been able to set this machien in the centrla console to always have tamper off..so technically i now should be able to go throguh and turn all the features off and these remain off..so i will try this again now assuming these features stay off upon reboot to see if this then works...i do then have other devices i can then turn the features off one at a time on so as you say narrow down the potentual component causing this...will feedback soon thanks

  • Ok scratch that, the settings like turning off real time scanning  appear to reapply themselves on the device after the restart so again, this may not prove a useful test as they dont appear to remain disabled so i can only assume upon the restart in the backgroud they reapply themsvels which doesnt help determine during the configuration of the updates if this featurre was indeed off and the cause of the issue or not...

Reply
  • Ok scratch that, the settings like turning off real time scanning  appear to reapply themselves on the device after the restart so again, this may not prove a useful test as they dont appear to remain disabled so i can only assume upon the restart in the backgroud they reapply themsvels which doesnt help determine during the configuration of the updates if this featurre was indeed off and the cause of the issue or not...

Children
No Data