We're having an outbreak of DRIVER_IRQL_NOT_LESS_OR_EQUAL BSOD's in driver NETIO.SYS. Netio.sys caused BSOD's are usually tied to network drivers but that doesn't make sense because this started happening all of a sudden on multiple computers. These are fully patched/updated Windows 10 Pro computers. The common thing we're seeing is Sophos was updated to version 2022.2.1.9 around 7/20/22 on all of them. Any insight from Sophos on if the blue screen of death crashes are being caused by the latest version of Sophos?
Now (at 6 weeks since first reported), we are still affected by at least daily BSODs, although spread through different users on different hardware...
Now heavy-heartedly disabling web interception for the most heavily affected users, as I don't see any real progress here...
Support provided updated sntp.sys from Development-Team. Any experiences on trying this?
That would mean creating my own separate support case?Up to now we're just "strolling along" the existing cases and the main KB-000044389 advisory.
Our users have developer machines with 32GB RAM each which makes it kinda difficult to provide full memory dumps - even ignoring all compliancy issues there...
Does Sophos provide access to the test builds without requiring any other input data? I'd absolutely be willing to test drive that with some key users.
Yes, i'm facing this problem on Remotedesktop-Sessionhosts, 64GB RAM each. I got possible fix without providing complete memory dump. Just refer to support.sophos.com/.../KB-000044389
Active dump type would be fine. Being only Active pages it should be quite a bit smaller than 32GB. It should also zip pretty well.
I just know that in the case I opened with support, they would NOT proceed without a COMPLETE memory dump.