Windows 10 Build Upgrade - Sophos Endpoint Exclusions



We're trying to upgrade our endpoints to a higher Windows 10 build version.

Just wondering if anyone has seen issues with Sophos either... 

1.) Preventing the build upgrade for completing

2.) Slowing the upgrade process, causing it to time out.


Unfortunately I do not have any evidence to backup Sophos being the problem, although when the build upgrade is in progress I can see Sophos Anti-Virus service jump up in CPU, which would indicate the on-access scanner is actively scanning the Windows 10 upgrade files.   


My question is: 


Is there a guideline of exclusions I should add to our endpoint policies, to avoid Sophos being a potential issue with Windows 10 build upgrades?

  • Hi  

    This is unusual, have you tried to disable the Sophos Services and check if it is causing the issue? You can also follow this article to check which component is causing the issue? 

  • Hi Josh,

    I agree that it's worth trying on one endpoint to see if disabling Sophos Endpoint Protection fixes the issue to narrow down the cause.

    If you do find it's related to Sophos Endpoint, a suggestion is to exclude the Windows Update folder from being scanned by real-time scanning:

    Turn off scanning of Windows Update or Automatic Update related files

    • Turn off scanning of the Windows Update or Automatic Update database file (Datastore.edb). This file is located in the following folder:
    • Turn off scanning of the log files that are located in the following folder:
      Specifically, exclude the following files:
      • Edb*.jrs
      • Edb.chk
      • Tmp.edb
    • The wildcard character (*) indicates that there may be several files.