Sophos Central Endpoint and SEC: Computers fail/hang on boot after the Microsoft Windows April 9, 2019 update. Please follow knowledge base article 133945
Learn about the Benefits of Multi-Factor Authentication (MFA). Turn your MFA on now!
We'd love to hear about it! Click here to go to the product suggestion community
does anyone have the same problem that both engines do not update since April 12, 12.32h (Avira), 13.42h (Sophos)?
I changed to SFOS 17.5.4 MR-4-1 yesterday... Maybe it is coincidence but you never know.
thank you for pointing that out. I updated some 5 days ago, so I don't think issue is related to your upgrade. I have been investigating issues with the reporting and GUI updates that started sometime early yesterday. The daily reports are almost empty, well the web access report is empty.The GUI is missing all the application and web details.
Extra - add IPS updates also.
Deeper investigation, no log viewer updates after 0157 14/4/2019 my time.
In reply to rfcat_vk:
A new version of ATP downloaded and installed but nothing else.
upgrades from SFOS 17.5.3 MR-3 to SFOS 17.5.4 MR-4-1 on April 12. no AV Updates since then. only one ATP update.
Now Sophos and Avira AV gets the updates
In reply to Stef_An:
All is OK here again, too. ATP, Avira and Sophos are updated.
Thank you guys!
In reply to Canis68:
Not quite, IPS has not updated.
I agree Ian, same here. My IPS data is from April 11 but I thought this does not update that often.
So what you are implying is that there haven't been any new IPS/DDOS attacks in the last 3 or 4 days that require new signatures?
For sure not. Maybe I should have written first "irony mode on"... Last DoS attack I have seen here was two hours ago. I am just used to "some" delays!
Things are improving. My last IPS pattern is 9.15.80, from April 16 6pm.
Actually an "Improving" of the situation is exaggerating reality again. Last IPS pattern is the same 9.15.80 since April 16 6pm and therefore 2 days old again. Manual update does not help. Anybody from Sophos out there who can have a look at it? Would be much appreciated.
I am here as a XG User and personally speaking, The IPS Team collect the latest changes in Talos etc. to bundle them into one IPS update.
More likely this is the reason for the "slower" publishing of IPS rules.
You could check the latest talos / snort rule set. There are most likely publish only each week.
In reply to LuCar Toni:
IPS update dated 19/4/2019.
Thank you for sharing that information. Although the idea behind seems reasonable, changes once a week would be a bit scary. Today I have IPS pattern # 9.15.81, it changed yesterday @ 5pm.
In fact it is not "weeks".
But you cannot publish something, which is not "tested" and you cannot publish something, which does not exist.
So basically you can take a look at the talos changelog.