Sophos is pleased to announce the introduction of the Sophos Central Intercept X , Central Server Intercept X Advanced and Sophos Exploit Prevention cumulative hotfix. This hotfix is a beta release of the Exploit Mitigation/Runtime protection component of Sophos Central Intercept X, Central Server Intercept X Advanced and Sophos Exploit Prevention that is still undergoing testing.
The hotfix is provided to customers for beta testing and to confirm that any previous release issues are resolved. This version will be updated regularly in line with our development cycles The following sections are covered:
Applies to the following Sophos products and versions Central Server Intercept X 2.0.3Central Windows Endpoint Intercept X 2.0.8Sophos Exploit Protection
If you wish to test the hotfix version it can be downloaded from the following link:
Current Hotfix Version: 126.96.36.199 Current Hotfix Release Date: 12/12/2018
Please be aware that although this version has been through some basic testing, it is not fully release tested and should be considered as a pre-release version for testing only. Sophos recommends that you only install this version on test machines to confirm that the issue is resolved.
To apply the hotfix build to an affected machine please follow the steps below:
After following these steps, please verify if the original issue still occurs. If it does, please contact Sophos Support and provide them with as much information as possible about the issue, the cause, and what troubleshooting has been performed; including the use of the hotfix build.
If the issue no longer occurs, customers can be assured that Sophos is working to resolve this issue in the upcoming release.
On the next major version release of Intercept X or Exploit Prevention the hotfix version will automatically be replaced by the full release version that should fix your issue.
If there is a requirement to roll-back to the current supported version of Sophos Central Intercept X and Exploit Prevention, this can be performed by following the steps below:
This should revert the installed hotfix version back to the current supported version of the HitmanPro.Alert component.
Please find below the list of what is fixed in the current and previous Cumulative Hotfixes. This list is cumulative so newer versions also contain the fixes specified for older versions. This list also includes the existing fixes listed in our release notes:
Resolved a conflict with SofTrack client that caused IE to crash
Resolved a DEP detection when creating a PDF from a Scanner in Adobe Acrobat 2017
Resolved a Cryptoguard detection with AutoDWG to PDF converter
Resolved a Cryptoguard detection with Windows Media player
Resolved an issue with Dell RAID controllers
Resolved a CryptoGuard detection in Windows Explorer
Resolved an issue with performance issues on boot
Resolved a Callercheck detection on 1password.exe
Resolved Callercheck detections involving mono.dll
Resolved Website performance issues alongside Intercept X
Resolved a Cryptoguard detection with non installer .msi files
Resolved Cryptoguard issues with Prism software
Resolved conflicts with Cygwin
Resolved an ROP Alert for KUTools Excel plugin
Resolved an issue with ROP alerts in Office 2013
Resolved an issue with ROP alerts when streaming internet media
Resolved an issue with an IP Cryptoguard detection when using the NGEN publishing application.
Resolved an issue with ROP detection in Winword.exe.
Resolved an issue with ROP detection in several applications.
Resolved an issue with ROP detections in Chrome 67 and later.
Resolved an issue with intruder detections in Chrome and Internet Explorer with LANDesk installed (SoftMon.exe)
Resolved an issue with PDFs failing to open from the command line.
Resolved an issue with a callercheck exception in Outlook when the SNAPAddy plugin is installed.
Resolved memory issues that caused Windows to stop.
Resolved an issue with Skype failing during a video call.
Resolved an issue with an IP Cryptoguard detection in Lotus Notes.
Resolved an issue with Windows 7 computers hanging on shutdown.
Resolved an issue a false LoadLib exploit detection in Firefox.
Resolved an issue with Wipeguard protection not working on Hyper-V virtualized systems.
Resolved an issue with a callercheck exception in Excel when the UnionSquare plugin is installed.
Resolved an issue with a Windows 7 machine freezing when running Intercept X and Symantec Endpoint 14.0.3897.1101.
Resolved an issue with false ROP exploit detection with Excel documents containing multiple macros.
Resolved an issue with a Cryptoguard detection in AppLife Update.
Resolved an issue with false detections when Digital Guardian is installed.
Resolved an issue with a HitmanPro.Alert driver causing Windows to stop.
Resolved an issue with a Lockdown detection in Internet Explorer when accessing an internal web app.
Resolved an issue with detections in a debug version of the Flash ActiveX plugin.
Resolved an issue with false Import Address Table Access Filtering detections in Outlook.
Resolved an issue with Windows error logs being created for HitmanPro.Alert.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.