Thread Info
  • Locked Locked
  • Replies 15 replies
  • Subscribers 27 subscribers
  • Views 46928 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

'ROP' exploit prevented in Microsoft

Hayim Caspy

Hi All

I keep getting this error in all computers that have office 2013.

Excluding intercept x resolve the problem.

But I do want intercept x to work.

No exclusion (details exclude...) works.



This thread was automatically locked due to age.
Parents

  • Hi All,

    Our apologies for the inconvenience. This issue is identified by development and are actively investigating on the same. Moredetails are given in this advisory. Currently a work around is provided, however, a permanent solution shall be arrived at as soon as possible. This issue is witnessed on endpoints running newer version of Intercept X/Exploit prevention and also updated with the latest Windows update made available on October 18 2018.

    Regards,

    Adithyan Thangaraj
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • in reply to Adithyan Thangaraj

    This has affected around 25-30 of our 140 devices. A reboot did fix the issue for all devices except one PC.

    I have restarted this PC several times over the past day and the issue still exists. The only fix is to turn off Office protection for this device which isn't ideal as the device uses the sales@ email address and therefore receives quite a bit of spam.

    I've asked the user to remain vigilant when opening any emails with Excel and Word attachments, but this isn't ideal.

  • in reply to LouiseWatson

    Hi LouiseWatson,

    Thank you for your kind response. May I request your available time via DM in order to take a look at this one machine further? A reboot has fixed the issue on all other endpoints which faced the issue since our roll back, released to address this issue, has removed the newer version thereby waiting for a reboot to take effect. However, There could be several reasons why this one machine would still be a trouble and hence I would like to investigate this further. In case you prefer creating a support ticket with us, kindly please visit this page for the same.

    Regards,

    Adithyan Thangaraj
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Reply
  • in reply to LouiseWatson

    Hi LouiseWatson,

    Thank you for your kind response. May I request your available time via DM in order to take a look at this one machine further? A reboot has fixed the issue on all other endpoints which faced the issue since our roll back, released to address this issue, has removed the newer version thereby waiting for a reboot to take effect. However, There could be several reasons why this one machine would still be a trouble and hence I would like to investigate this further. In case you prefer creating a support ticket with us, kindly please visit this page for the same.

    Regards,

    Adithyan Thangaraj
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Children
Unfiltered HTML