Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 31 replies
  • Subscribers 1 subscriber
  • Views 121003 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Endpoints Failing to Install New Update

PostQ

Hello,

After receiving the new update (10.3.7 3.51) I have 100+ endpoints that are failing to uninstall the new software.  During the install process the old versions of the software are uninstalled, then when the install is starting they error out.  I'm receiving either an "Installation of Sophos AutoUpdate Failed [0x00000008]" error or an "A runtime error occurred. [0x00000062]" error.

From my testing, when this error occurs it's because the AutoUpdate folder that's created in either of the following locations has messed up permissions.  Basically, it won't allow anyone or anything to access it or delete it.  Those locations are:

C:\Program Files (x86)\Sophos\AutoUpdate  -or-  C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir

If I restart the PC with this problem and boot into Safe Mode, log in then out, the bad file is automatically deleted, restart into normal Windows and try the install again.  At that point everything installs correctly and there are no problems.  

I don't want to have to restart 100+ computers into safe mode if I don't have to, we need a better solution and soon because these computers with this problem are unprotected right now.  Thanks for anyone's help!

:50144


This thread was automatically locked due to age.
Parents
  • 0

    Looks like you beat me to posting the reply JBull!

    In any case, I wanted to also add how we've been fixing it while waiting for a solution, with some success.  Using KACE, we set up a script to uninstall RMS if a machine has RMS but no AV installed.  This scrip runs every 30 minutes, checking for a registry flag it sets so it isn't repeated:

    Verify

    1. Verify that “HKLM\SOFTWARE\Wow6432Node\Sophos-RMS-Fix!RMS-Fix” is not equal to “1”.

    On Success

    1. Launch “C:\Windows\System32\MsiExec.exe” with params “/X{FED1005D-CBC8-45D5-A288-FFC7BB304121} /qn”.
    2. Set “HKLM\SOFTWARE\Wow6432Node\Sophos-RMS-Fix!RMS-Fix” to “1”.

    We set the package to install Sophos AV created from the Sophos Deployment Packager to be installed at startup on any machine missing AV using smart labels.  It's not 100% as someone can reboot before the script to remove RMS runs, causing the install to take place before the RMS removal, but the count of machines with all Sophos components installed is climbing.

    Tom

    :50368
Reply
  • 0

    Looks like you beat me to posting the reply JBull!

    In any case, I wanted to also add how we've been fixing it while waiting for a solution, with some success.  Using KACE, we set up a script to uninstall RMS if a machine has RMS but no AV installed.  This scrip runs every 30 minutes, checking for a registry flag it sets so it isn't repeated:

    Verify

    1. Verify that “HKLM\SOFTWARE\Wow6432Node\Sophos-RMS-Fix!RMS-Fix” is not equal to “1”.

    On Success

    1. Launch “C:\Windows\System32\MsiExec.exe” with params “/X{FED1005D-CBC8-45D5-A288-FFC7BB304121} /qn”.
    2. Set “HKLM\SOFTWARE\Wow6432Node\Sophos-RMS-Fix!RMS-Fix” to “1”.

    We set the package to install Sophos AV created from the Sophos Deployment Packager to be installed at startup on any machine missing AV using smart labels.  It's not 100% as someone can reboot before the script to remove RMS runs, causing the install to take place before the RMS removal, but the count of machines with all Sophos components installed is climbing.

    Tom

    :50368
Children
No Data
Unfiltered HTML