
Endpoints Failing to Install New Update

Hello,

After receiving the new update (10.3.7 3.51) I have 100+ endpoints that are failing to uninstall the new software.  During the install process the old versions of the software are uninstalled, then when the install is starting they error out.  I'm receiving either an "Installation of Sophos AutoUpdate Failed [0x00000008]" error or an "A runtime error occurred. [0x00000062]" error.

From my testing, when this error occurs it's because the AutoUpdate folder that's created in either of the following locations has messed up permissions.  Basically, it won't allow anyone or anything to access it or delete it.  Those locations are:

C:\Program Files (x86)\Sophos\AutoUpdate  -or-  C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir

If I restart the PC with this problem and boot into Safe Mode, then log in and out, the bad file is automatically deleted. I then restart into normal Windows and try the install again.  At that point everything installs correctly and there are no problems.

I don't want to have to restart 100+ computers into safe mode if I don't have to. We need a better solution, and soon, because these computers with this problem are unprotected right now.  Thanks for anyone's help!
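
A read-only check for the condition described in the post above, added here as an example; it is not part of the original thread and is not Sophos tooling. It probes the two paths named in the post and reports whether each can be read, so affected endpoints can be identified from a deployment tool. The function name `Test-FolderAccess` and the exit-code convention are assumptions, and the script should run under the same account the installer uses.

```powershell
# Added example: read-only triage. Makes no changes to the endpoint.
# The two paths are the ones named in the post above.
$paths = @(
    'C:\Program Files (x86)\Sophos\AutoUpdate',
    'C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir'
)

# Hypothetical helper: classifies a path as OK, Absent or Inaccessible.
function Test-FolderAccess {
    param([Parameter(Mandatory)][string]$Path)

    $status = 'OK'
    $detail = $null
    try {
        # Each call must succeed for the installer to be able to use the path.
        $null = Get-Item      -LiteralPath $Path -Force -ErrorAction Stop
        $null = Get-Acl       -LiteralPath $Path        -ErrorAction Stop
        $null = Get-ChildItem -LiteralPath $Path -Force -ErrorAction Stop
    }
    catch [System.Management.Automation.ItemNotFoundException] {
        # Path does not exist: nothing left over from the failed upgrade here.
        $status = 'Absent'
    }
    catch {
        # Present but unreadable (for example, access denied on the ACL).
        $status = 'Inaccessible'
        $detail = $_.Exception.Message
    }

    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Path     = $Path
        Status   = $status
        Detail   = $detail
    }
}

$report = $paths | ForEach-Object { Test-FolderAccess -Path $_ }
$report | Format-Table -AutoSize

# Assumed convention: non-zero exit flags the endpoint for follow-up.
if ($report.Status -contains 'Inaccessible') { exit 1 } else { exit 0 }
```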

  • Where to begin... This has been a nightmare for us since the 20th when the updater started attempting to update 1000+ clients and failing on the vast majority, leaving each computer unprotected.  We only use Sophos AV, no other tools of theirs.

    I had the EXACT same symptoms as you, PostQ, however I haven't tried the "Safe Mode" fix, because a) we can't automate that for this quantity of clients, and b) we use BitLocker which means we'd have to look up and provide all the users with their keys to unlock their drives to get into safe mode (not going to happen).

    Here has been my experience:

    Since we are trying to find a way to automate the fix, I've been working with a package to install the software using KACE and/or AD for deployment.  Before automating the fix though, I've been testing the package on broken clients and this is what I found.

    Client attempted to upgrade to 10.3.7, failed

    RMS component was the only piece of Sophos software left on the client.

    1st install: Reboot, run Sophos Package with 2 possible results: 1) AV installed, AutoUpdater installed, no RMS; or 2) All three components install

    2nd install: If the first (missing RMS) occurs, we reboot, and run the Sophos Package again.  This time it will remove the AutoUpdater, leaving just AV.

    3rd install: Reboot, run Sophos Package with 2 possible results: 1) AV installed, AutoUpdater installed, no RMS; or 2) All three components install

    4th install: If the first (missing RMS) occurs, we reboot, and run the Sophos Package again.  This time it will remove the AutoUpdater, leaving just AV.

    From here, the pattern repeats, where odd attempts may or may not resolve our client configuration, and even attempts remove the AutoUpdater.

    At this point, we have gone over 3 full days since this was first detected to today working with Sophos support still w/out resolution.  Since we NEED to get clients protected again, this is what I'm now looking to do:

    Install the package on all computers that KACE detects as not having v10.3.7.  On the first try, it should at the very least give us AV and AutoUpdater, likely won't give us the RMS component.  I'm willing to accept that at this point.  I'm now investigating what missing RMS is going to do to us in the future, but I'm banking on some fix being developed at some point, where I can hopefully deploy with KACE and restore full client/server functionality.

    Hope this helps someone, or finds someone that can share brain power to hopefully come to the best solution.
