We'd love to hear about it! Click here to go to the product suggestion community
does anyone have Problems with the new Windows 10 and Safe Guard Client.
I have one Client with the newest Version of Windows 10 (18.03) after Login appears a Blue Screen.
Is here someone with equal problems?
In reply to MichaelMcLannahan:
Thank you for the case number, I will look into the ticket.
We had the same issue you are referring to only on Pentium workstations with SG 7 after the 1803 upgrade. The BSOD will happen at domain user login if the network cable was plugged in. Re-installing W10 produced the same issue.
After a few troubleshooting procedures, what worked for us was to login as a local admin on the updated machine, unistall SG 7, reboot, install SG 8, reboot again and so far our computers are working normally. Like I said before, this issue only occurred on Pentium workstations. Others with different CPU's had no issues and upgraded successfully.
We are also experiencing this issue with SG8. I currently have a ticket open with support but do not have any updates.
In reply to JohnMintz:
Have done some more testing today and can now pretty much recreate it everytime.
VERY keen to hear an update from Sophos....
Has anyone found a way to roll this back in safe mode? I am only able to get the PC out of reboot loop by going into safe mode.
I can still log in locally with a local account so can access that way. Any domain account (existing or fresh) causes the BSOD.
I have found if you log in with a local account, you are able to roll back the 1803 update. Then ensure you pause future updates. This at least gets the computer back on line and usable until Sophos finds a fix.
Please share your Support Ticket number and I will look into it.
Forgot to add but relevant - It's also the earlier version of SafeGuard 8.00.0.251 that causes this issue too - not just the latest version
Yes, that's right.
Good news in the KBA https://community.sophos.com/kb/en-us/132095.
In reply to Funkey:
Although this is partial good news, I think this article is a little mis-leading.
The partition won't always be called ESP and not always 500mb either. Appreciate they do say "MOST installations it will be volume 2" but this is definitely worth checking too and not presuming. It's not labelled on my Surface, a different size and not volume 2 either!
You will need to also make this policy modification, save it and then either assign it to ALL PC's or create an AD/local group to assign it to. You then have to get the policy received by the client and if it's BSOD'ing you'll need to log on locally off the domain to make sure this policy is received before you can reboot and log back in as a domain user. Logging on locally will also mean that you'll need to authenticate against SafeGuard manually too.
They seem to have taken down the workaround. Does anyone have the full instructions on it still saved?I kinda need it now that they've missed their 5/25 patch forecast, and now their 5/28 deadline (without even updating the KB to give us a new date...)
In reply to MichaelOwens:
Sadly I didn't but I think it was roughly...
DISKPART (Admin command prompt)
Note down "system" drive. Their example last labelled as "ESP" and 500mb in size.
Add this is an exclusion for the drive in "ignored Devices" in the general settings policy. It'll need to be in the form of Device\DeviceName.
HOWEVER....I didn't think personally this was a good solution, and it's not very scalable either. Each PC could have a different devicename/volume number.
I would ask Sophos what they recommend moving forwards. I would suspect they would recommend now rolling back Windows to 1709, or log on locally for now?
The above is my recollection of this - I my be wrong so please don't back on it! It may help jog your memory though?
there is an installable fix linked in the KB now.