"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
Issue When you attempt to protect computers using Enterprise Console a yellow alert is displayed against one or more of the computers listed in the console.
When you right-click on the affected computer and go to 'View computer details' | 'Outstanding alerts', you see the message:
0000003a - Installation involves creating a scheduled task on the computer. Access was denied when creating this task. The default admin share(called C$) may not be accessible or a required service may not be running
Known to apply to the following Sophos products and versions Enterprise Console 4.0.0Enterprise Console 4.0.2Enterprise Console 4.5.1Enterprise Console 5.1.0Enterprise Console 5.2.0Enterprise Console 4.7.0Enterprise Console 4.7.1Enterprise ConsoleEnterprise Console 5.3.1Enterprise Console 5.3.0Enterprise Console 5.2.1Enterprise Console 5.2.1 R2Enterprise Console 5.2.2
On the server running Enterprise Console:
You should now notice that orange arrows appear against the computer(s). These arrows should turn green, then turn to an hour glass and finally to a blue computer.
Please ensure that you have followed all the prerequisites discussed in the interactive deployment guide. This is the comprehensive guide for configuring push installs.
For more details on how the deployment process works see article 12455.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.