"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
The command line utility ConfigCID.exe enables you to implement configuration changes contained in endpoint software XML configuration files, by modifying the catalog files in your update location (Central Installation Directory, or CID). Your computers will then update themselves with their new configuration from the XML configuration files.
Sophos AutoUpdate (the updating component of endpoint software) uses catalog files called cidsync.upd to determine which files it should download from an update location (CID). When you add XML configuration files (e.g. those created with ExportConfig.exe) to your update locations, you must update the catalog files to ensure that your XML files are used. The knowledgebase article on ExportConfig.exe describes how to create, and where to place, configuration XML files.
Known to apply from the following Sophos product(s) and version(s) ConfigCIDEnterprise Console 5.0.0
C:\Program Files\Sophos\Enterprise Console\SUM\
C:\Program Files\Sophos\Update Manager\
Note: On 64-bit computers 'Program Files' is 'Program Files (x86)'.
Program Files (x86)
Note: To run ConfigCID.exe, you must have write access to the update location and as a local administrator on the management server.
Using version 126.96.36.199 or later of ConfigCID.exe:
Note: If the CertAuthStore should change on the server with the Sophos Management Service for whatever reason (A clean re-install of Sophos Enterprise Console or a problematic migration), it must be updated on the computer running ConfigCID.exe also.
Before modifying the update location, and the catalog files that it contains, ConfigCID.exe performs some checks to ensure this can be done safely. Then ConfigCID.exe adds, removes, or changes the entries in the catalogue files for the xml files. Networked computers will then download the new configuration on their next scheduled update.
If you receive an error stating "Failed to open catalog..." see article 113640.
Failed to open catalog
Released with Sophos Update Manager version 1.4.2, ConfigCID.exe has been updated (version 188.8.131.52) with a security enhancement ensuring files. The tool must now be run on the server that has the CertAuthStore key, this will be the server with the Sophos Management Service. This key can be imported to another server if required.
In order to update successfully, you must use version 184.108.40.206 (and later) of ConfigCID.exe. From Sophos Auto Update version 2.9.0 (Shipped with 10.2.4 Endpoint package), files that are changed/added to a CID will require a signing. If a signature is missing the update will fail for that package, see article 118821.
Tutti i commenti qui inseriti vengono letti (dal team di supporto), ma non verranno inviate risposte specifiche ad alcun quesito tecnico. Nel caso richiediate supporto tecnico, vi invitiamo a postare il vostro quesito nella nostra community. Altrimenti, se la richiesta di supporto riguarda un prodotto con licenza, vi invitiamo ad aprire un ticket per il team di supporto.