Windows issues following Core Agent 2.7.6, Endpoint Advanced 10.8.7, Server Anti-Virus 10.8.7 and Intercept X 2.0.17 and above releases.
As of Sophos Core Agent 2.7.6, Endpoint Advanced 10.8.7, Server Anti-Virus 10.8.7 and Intercept X 2.0.17 and above all files and drivers are signed with only SHA256 (Previously they were SHA1 and SHA256 signed). This is a Microsoft driven change. In March 2019, Microsoft released an update to Windows 7 and Windows 2008 R2 to support SHA256 only driver signing. This Microsoft update is required in order to run Sophos Endpoint.
Note: This affects Windows 7 and Windows 2008 R2 operating systems. Operating system that are fully up to date with Windows Updates will not be impacted.
Applies from the following Sophos product(s) and version(s) Central Server Core Agent 2.7.6Central Windows Core Agent 2.7.6Central Windows Endpoint Intercept X 2.0.17Central Server Intercept X 2.0.17Central Windows Endpoint 10.8.7Central Server Anti-Virus 10.8.7
As of Sophos Core Agent 2.7.6, customers running unpatched operating systems may see the following:
C:\Windows\system32\drivers\SophosED.sys. error 0xc00004228 "cannot verify the digital signature"
As of Sophos Core Agent 2.8.5:
Sophos Endpoint Defense Setup *.log
For Endpoint Advanced 10.8.7 and Server Anti-Virus 10.8.7 customers will see the following:
For Intercept X 2.0.17 customers will see the following:
This is due to Sophos using only the SHA-2 hash algorithm. Please see below Microsoft article regarding this issue
An updated Core Agent 2.7.7 has been released today 22nd May. This update to the Core Agent will prevent the boot issue from occurring following a restart of the computer.
Note: While this update will resolve the boot issue it will not resolve any other issue. To resolve these you must perform Windows Updates to get the latest updates. Alternately, install Windows KBs 4474419 and 4490628.
Note: Customers using Controlled updates or Scheduled Updates may need to check their Policies to ensure they apply the new Core Agent 2.7.7.
No further updates expected.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.