We have had several reports of systems running the latest Windows 10 version 1709 having issues when trying to start Hyper-V vm's. This happens when Intercept X or Exploit Prevention are present. VMs will not start.
This is corrected in Intercept X 2.0 (for Sophos Central). SEC-Managed Endpoints (Exploit Prevention) have corrected this in Build 734, which was released in late February 2018.
Applies to the following Sophos products and versions
Central Endpoint Advanced 11.5.9Central Endpoint Standard 11.5.9Sophos Endpoint Security and Control 10.7.6Sophos Endpoint Security and Control 10.7.2
Applies to the following Operating system
Windows 10 version 1709
This is corrected in Intercept X 2.0 (for Sophos Central). SEC-Managed Endpoints (Exploit Prevention) will be getting this update late February.
SEC-Managed Endpoints (Exploit Prevention) have this updates as of the 734 build, which they got in late February 2018.
To verify the version of the operating system, from the Run command or a Command prompt, enter "winver.exe".
The process c:\windows\system32\vmcompute.exe is used by Hyper-V, and conflicts with Intercept X / Exploit Prevention as of Windows 10 version 1709. This process needs to be excluded from Intercept X / Exploit Prevention.
To obtain this workaround, please contact Sophos Support.
This issue has been corrected. Please ensure the Endpoint software is updating successfully.
This article will be updated when information becomes available.
This issue is now fully resolved.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.