
Multiple computers getting netio.sys BSOD after 2022.2.1.9 update

We're having an outbreak of DRIVER_IRQL_NOT_LESS_OR_EQUAL BSODs in driver NETIO.SYS. Netio.sys-caused BSODs are usually tied to network drivers, but that doesn't make sense because this started happening all of a sudden on multiple computers. These are fully patched/updated Windows 10 Pro computers. The common thing we're seeing is Sophos was updated to version 2022.2.1.9 around 7/20/22 on all of them. Any insight from Sophos on if the blue screen of death crashes are being caused by the latest version of Sophos?



This thread was automatically locked due to age.
  • Not a single BSOD on the two test machines ever since. Other than on unpatched machines... Had to move more users into the BSOD-Mitigation group today.

    Our case was seemingly escalated to the "GES" team yesterday morning. Now we're just waiting for feedback.

  • Hey Samuel,

    How have things been going for you with testing? I haven't had a chance to do anything other than company-wide implement the "official" workaround and we are still getting occasional BSODs. Not really happy with this whole experience.

  • We're seeing a lot of random BSODs as well, particularly when starting up for the day. When I use BlueScreenView it usually says that I'm getting ntoskrnl.exe crashes. Most of our clients are running 2022.2.2.1. Just wondering if this sounds like the same issue in the thread or something else?

  • Do the crashing computers have Cisco AnyConnect installed? If so I'd say it's related. Although I believe everyone else in this thread is getting BSODs related to netio.sys.

  • We're not using Cisco AnyConnect. Sonicwall NetExtender is installed on all of them though.

  • We kept our two test users on the test driver and we have not seen any adverse effects.

    We got one more netio.sys BSOD for one of those users, but the manually installed test driver seems to get disabled by system protection, particularly when Windows updates are being installed, which was the case then, so that is not necessarily significant. In total we got 2 netio.sys BSODs for two machines since we started testing. The driver has now been in daily production use for 37 days for those users, and they used to get anything from 5-10 BSODs per week without the fix.

    Last update I got from a "Global Escalation Engineer" (after asking back myself again, of course...):

    Thank you for the email. The October release has now been rescheduled for a planned release, on November the 10th 2022.

    But of course also some expectation management:

    ... this is the planned date and can be pulled at the very last minute.

    So I keep my fingers crossed that Sophos manages to get this shipped "soon".

  • Even though several different error codes are observed, all BSODs in this issue are caused by crashes from the NETIO.SYS driver, which is also the driver that is getting patched by Sophos on that matter.

  • Any updates on when this is actually going to get resolved? The patch that Sophos seems to be testing in the wild has worked for us. We have paused our AnyConnect rollout until the fix is in prod. Sophos really need to pull their finger out on this one...

  • The version with the fix is going to be released on 11/10.

  • Sophos, we really need a final fix for this! Any official announcements on the update release date? If yes, please update the KB accordingly! We're talking about nearly three months without an official fix available (except beta patch on manual request).

    Or do a general rollback to 2022.2.1.9?

    Degrading security by disabling webcontrol and real-time scanning is no real acceptable workaround for multiple weeks/months! Aren't we talking about security?!