A new version of Sophos Central Server Intercept X 2.0.16 has been released to our Sophos Central customers. This release also contains the below customer fixes:
HitManPro.Alert has been updated to 184.108.40.2066.
This release supports the following new protection features. These will initially be turned on only for servers in early access program subscriptions, before being turned on for all Intercept X customers:
Resolved an issue in which the thumbprint required to allow a lockdown alert is changed every time the application is run.
Resolved an issue in which CryptoGuard detects an attack when EPS files are copied to a file server share.
Resolved an issue that caused laptops to occasionally stop when docked.
Resolved an issue in which the HitmanPro.Alert service crashes after updating to 220.127.116.117.
Resolved an issue in which CryptoGuard is triggered on a file server because of actions being performed on endpoints using an application called AdvantX.
Resolved an issue in which Import Address Table Access Filtering exploit detections are triggered against Microsoft Office applications, as well as Adobe Acrobat and nschill.exe.
Resolved an issue in which two different lockdown detections happen at the same time.
Resolved an issue in which, with CryptoGuard turned on, the PAEXEC application fails to load.
Resolved an issue in which HitmanPro.Alert caused the operating system to stop unexpectedly on a server.
Resolved an issue in which a ZENworks virtual application fails to open.
Resolved an issue in which a lockdown is detected on Foxit Reader when attempting to open it.
Resolved an issue in which Cygwin commands fail.
Resolved an issue in which SecureCS is detected as ransomware.
Resolved an issue in which a CryptoGuard detection occurs in an internal application: FIS Direct Branch or COCC.
Resolve an issue in which Central endpoints trigger alternate Policy non-compliance: Exploit Detection and Policy in compliance: Exploit Detection events.
Resolved an issue in which a CryptoGuard detection occurs at remote IP addresses when files are saved to a shared files server.
Resolved an issue in which Directory Opus 12 triggers a CryptoGuard remote ransomware detection.
Resolved an issue in which Digital Guardian DLP causes an intruder detection to be reported while the user is browsing in Microsoft Edge.