[Sophos Notification] Advisory: October 2018 Windows Update fails to install on Windows 8.1 with Fatal error C0000022.

Hi Community,

We have identified an issue in which the latest Windows Update KB4462926 will fail to install as the update attempts to change the security on the Image File Execution registry keys which we have protected using Sophos Endpoint Defense.

The error seen when the update fails is:

  • Fatal error C0000022 applying update operation 64948 of 66623 (\Regi...)

Applies to the following Sophos product(s) and version(s)

  • Central Windows Core Agent 2.1.2

The machine will fail to install the update and on a subsequent reboot, the machine will begin to boot loop.

Update: 12/10/2018

We have just released an update to Sophos Endpoint Defense with a fix for this issue. Sophos Core Agent will update to 2.1.3.

This update will trigger a reboot requirement however the reboot will not be required for the fix to be applied.

If you are using controlled or scheduled updating please ensure you amend this as per the below articles.

This is currently under investigation by Sophos Development

  • The only known workaround at this point in time is to boot the machine into Safe Mode and allow the update to complete. After the update completes in Safe Mode the issue will no longer occur.

This article will be updated when new information becomes available.

  • This is currently plaguing our organization. Sophos please fix.

    :(

  • This appears to be affecting a number of our Windows 10 machines also, not just windows 8.1

    Currently a workaround is to boot in SafeMode and allow the update to complete then reboot to normal mode

  • Having an issue on Windows 10 with the October update. No wireless networks are listed when peripheral control is enabled.

  • In reply to Matthew Young:

    Hi Matthew,

    Would it be possible to let me know the full version of Windows 10 you are running? 

    1. Press Windows Key + R
    2. Type winver
    3. Report back the version information for e.g. Version 1703 (OS Build 15063.1324)

    Thanks

  • We have just released an update to Sophos Endpoint Defense with a fix for this issue. Sophos Core Agent will update to 2.1.3.

    This update will trigger a reboot requirement however the reboot will not be required for the fix to be applied.

    If you are using controlled or scheduled updating please ensure you amend this as per the below articles.