This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Lockdown Microsoft Edge and SAVXP can not be installed

I see a few Windows machines in Enterprise Console wich failed to install SAVXP the reason is that the software packet could not be authenticated (In German it says: SAVXP konnte nicht installiert werden: Paket konnte nicht authentifiziert werden).

On the same machines I see a few Exploit Events: Lockdown Microsoft Edge

Is this a technical issue or a security issue?

Is what is causing the Lockdown of Microsoft Edge a malware that tries to make Sophos unable to update?

Thank you and best regards,

Akira



This thread was automatically locked due to age.
Parents
  • Hi Akira,

    Could you post the event details generated in the Event Viewer when the detection occurs? 

    I'd also suggest installing the hotfix package for Intercept X as an immediate step to try.
    support.sophos.com/.../KB-000038477

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi Qoosh,

    here is the exploit event and the failed download and install of:

    If I read this right, I will not get any more exploit alerts anymore in Sophos Enterprise Console, if I install the hotfix, is that right?

    Important note for Sophos Enterprise Console / Exploit Prevention customers: As of hotfix version 3.9.0.1222, the Management Communications Client adapter was updated to improve compatibility and performance with Sophos Central. While the hotfix can still be applied to Exploit Prevention systems to address fixed issues, alerts about detected exploits will no longer be reported back to Sophos Enterprise Console!

    Thank you
    Akira

Reply
  • Hi Qoosh,

    here is the exploit event and the failed download and install of:

    If I read this right, I will not get any more exploit alerts anymore in Sophos Enterprise Console, if I install the hotfix, is that right?

    Important note for Sophos Enterprise Console / Exploit Prevention customers: As of hotfix version 3.9.0.1222, the Management Communications Client adapter was updated to improve compatibility and performance with Sophos Central. While the hotfix can still be applied to Exploit Prevention systems to address fixed issues, alerts about detected exploits will no longer be reported back to Sophos Enterprise Console!

    Thank you
    Akira

Children
No Data