This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Multiple computers getting netio.sys BSOD after 2022.2.1.9 update

We're having an outbreak of DRIVER_IRQL_NOT_LESS_OR_EQUAL BSOD's in driver NETIO.SYS. Netio.sys caused BSOD's are usually tied to network drivers but that doesn't make sense because this started happening all of a sudden on multiple computers. These are fully patched/updated Windows 10 Pro computers. The common thing we're seeing is Sophos was updated to version 2022.2.1.9 around 7/20/22 on all of them. Any insight from Sophos on if the blue screen of death crashes are being caused by the latest version of Sophos? 



This thread was automatically locked due to age.
Parents Reply Children
  • We got confirmation yesterday that rollout is starting. Also, we are in "group A" for the rollout, which implies there are other groups and depending on where you end up it might also roll out later... Release version should supposedly be core agent 2022.3.0.56.

    Quote from our support agent:

    Thank you for waiting for me to update you. The release is scheduled to take place as follows: Your case has been added to the 10th November group A

    Start date: 10th November 2022
    End Date: 01st December 2022

    As per any release, these are planned dates so can change at any point before or during release. Your endpoint should, when it goes for its normal update, will download and install the new version Core Agent 2022.3.0.56 this will require a re-start of the machine\machines to complete the update.

    We don't have any updated machines yet, but considering the group A window is 3 weeks, that is not exactly a surprise.

  • We might have to wait for 3 weeks? Is there manual patch available?

  • I just triggered an update on my personal computer and the Core Agent updated to 2022.3.0.56.

  • I guess I am not on release group A ...

  • Did you open a ticket for this issue? Sounds like they may be prioritizing those that they know about. 

  •   is there a way to get everyone facing this issue to release Group A?
    By collecting Central UIDs through Sophos Community Staff Member? Or should everyone open a new case to be priorised?

  • Just as an update from our end:

    In the meantime most of my users seem to be upgraded, including my own machine. The previous mitigation workarounds (Sophos groups and policies) have been removed.

    I have one user that has hit severe issues and lost network connectivity on his device, he ended up completely removing Sophos and will now try to reinstall from scratch. He was one of the users with the test driver active, so this comes a bit as a surprise, but I hope it will resolve after a clean reinstall.

    Besides that I have no reports of BSODs or other problems with the update so far. I am positive we can close this whole sad story soon.

  • I suggest proceeding in opening a support case. You can send your case number(s) to me via private message, and I will follow up with our team to expedite the process for those affected.

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • After running the updated version for close to a week now, we can confirm that our issue has been resolved:

    • The connectivity issue of the user mentioned in the previous post resolved after a full, clean reinstall
    • We have not seen ANY BSOD since
    • Even though my users have been sensibiIized, I have no reports of any other adverse effects.

    I will thus close our pending support case now.

    Thanks to everybody in here that chimed in, supported and worked on resolving this.

  • How do we find out when the update will be rolled out to us?