Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Subscribers 3 subscribers
  • Views 12125 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Yesterday Upgrade 5.45 IDE 119, Today 5.45 IDE 122, Today DOWNGRADE 5.44 IDE 258 - Version 10.7.2 VE3.96.2

Andre Peterhans

Hi,

What is going on with Sophos Update. We use the recommonded Update Version 10.7.2 VE3.69.2

Yesterday (17.10.2017 arround 15:00) Sophos Update SAVXP installation from 5.44 to 5.45 with 119 IDE.

Today (18.10.2017 arround 06:30) still 5.44 with 122 IDE.

Today (18.10.2017 arround 07:00) Sophos Update SAVXP installation from 5.45 to 5.44 with 258 IDE. Why this DOWNGRAD?

It is a lot of SAVXP Deinstallation and installion going on. I have never seen this before.

Best Regards,

André Peterhans



This thread was automatically locked due to age.
  • 0

    Hello Andre Peterhans,

    indeed the 5.45 detection data were rolled out yesterday afternoon and withdrawn less than two hours ago. While the software version didn't change a Major Install has been performed due to the Virus Data version change - and subsequently again on the downgrade.
    Can't say why. The AV log (SAV.txt) shows a significant increase of the number of detectable objects (14139622 vs. 13979520) but then this isn't unusual, an even bigger jump was from 5.42 to 5.43.

    recommended
    Virus Data are a supplement and independent pf the software subscription.

    Christian

  • 0 in reply to QC

    Hello Christian

    Thanks for your Explanation.

    I just haven't seen this downgrade behavior before and it is a lot of Major Installation in a couple of hours. Each time there is an uninstall, a pop-up message from Windows (Antivirus protection is missing) and an installation again. Some of our users are insecure about this behavior.

    I am curios about the next roll out.

    Best Regards,

    André

  • +1

    Hi Andre, sorry for the confusion the rollback is do to an issue identified on Chinese, Japanese and Korean language versions of the product. The details are on this advisory posted earlier this morning: https://community.sophos.com/kb/en-us/127677 

  • 0 in reply to Andre Peterhans

    Hello André,

    PeterM has explained what has happened. The advisory doesn't say whether the issue unconditionally affected all ja/ko/zh installations (in which case it shouldn't have happened at all)

    As for the pop-up - might depend on the Windows version. Is it indeed the Windows pop-up or Sophos' On-access scanning disabled?
    Anyway it shouldn't have been different from other Major Installs that occur once or twice per month. That it happened yesterday afternoon and again today might have caught their eyes though.

    Christian

  • 0 in reply to QC

    Hello all,

    apparently it took almost two weeks to fix the issue, 5.45 (with 190+ IDEs) has finally been rolled out in the last days. Looks like this delayed the rollout of 10.7.6 with engine 3.70.2 in Preview for the on-premise SESC users.

    Christian

  • 0 in reply to QC

    Hello Christian

    I have noticed the IDE roll out this week and I am waiting of the new preview release.

    Best regards,

    André

  • 0 in reply to Andre Peterhans

    Hello André,

    unless you're interested in Redstone 3 or Edge and Web Filtering on Redstone 2 the only exiting things in 10.7.6 would be the number of unspecified customer fixes. No mention of SEC 5.5.1 (or even higher) in this context.

    Christian

  • 0 in reply to QC

    Hello Christian

    Is the better handling with Exploit Prevention exeption (not within the client registry) not in the new version implemented?

    Anyway, I like to test the new version, because we had a lot of troubles a couple months ago.

    André

Unfiltered HTML