[Sophos Notification] Advisory: October 2018 Windows Update fails to install on Windows 8.1 with Fatal error C0000022.

Hi Community,

We have identified an issue in which the latest Windows Update KB4462926 will fail to install as the update attempts to change the security on the Image File Execution registry keys which we have protected using Sophos Endpoint Defense.

The error seen when the update fails is:

  • Fatal error C0000022 applying update operation 64948 of 66623 (\Regi...)

Applies to the following Sophos product(s) and version(s)

  • Central Windows Core Agent 2.1.2

The machine will fail to install the update and on a subsequent reboot, the machine will begin to boot loop.

Update: 12/10/2018

We have just released an update to Sophos Endpoint Defense with a fix for this issue. Sophos Core Agent will update to 2.1.3.

This update will trigger a reboot requirement however the reboot will not be required for the fix to be applied.

If you are using controlled or scheduled updating please ensure you amend this as per the below articles.

This is currently under investigation by Sophos Development

  • The only known workaround at this point in time is to boot the machine into Safe Mode and allow the update to complete. After the update completes in Safe Mode the issue will no longer occur.

This article will be updated when new information becomes available.