Advisory: Sophos Endpoint - "Your connection isn't private" We're aware of a certificate issue and are actively working to resolve. Please see: KB-000045954 for the latest updates.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DO NOT INSTALL 9.703-2!!!

DO NOT INSTALL 9.703-2!!!

My lab system was Up2Dated to 9.703-2 Thursday evening at 10PM CDT (UTC -0500) and all connection with the outside world immediately stopped.  My local connection would work normally a few minutes at a time and then everything would lock up for a few minutes.  I could not identify the problem with top, but did see a lot of zombie confd processes.  I lost the entire day of Friday because my wife has a big project due next week and was working via Microsoft Teams all day with her colleagues.

I will suggest to Sophos that the file be removed from the ftp site. Grumble.

Cheers - Bob

This thread was automatically locked due to age.
Parents Reply Children
  • and the moral of the story?


    Do not install any update until someone else has a critical issue, then Sophos will investigate further, pull the update and get the patch properly programmed, then release it again.


    and to be really cynical, really fix the problem six months later!

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • What about the brave/unlucky/dumb people who have been installing that 9.703 update manually? Do they receive that particular pattern update as well?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Reformat with 9.702 iso and restore backup file :-/


    Best regards

    Sophos XGS 2100 @ Home | Sophos v20 Architect

  • OK - lesson learned.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • It seams Sophos Ltd hires to much M$ Developers

  • twister5800 wrote the following post at 17 Apr 2020 9:18 AM:

    Reformat with 9.702 iso and restore backup file :-/


    Wish we could do that...

    May I call your attention to this suggestion made over 2 years ago? Implementation of this feature would have saved our butts with Sophos' current screwup!

    We've been running an SG 230 Rev. 1 for a number of years and were quite happy with it - until we purchased a second SG 230 and stumbled across the a. m. issue Thorsten had discovered. This rendered our new Rev. 2 machine totally useless. We couldn't use it for HA or as a backup machine. The "Premium" support we contracted was no help at all ([#8609926] Backup email addresses of users registered for SPX -- Priority: Medium -- Level: Premium 25. Februar 2019, 13:34 Uhr):

    as stated in the previous emails, the functionality you requested is not and will not be provided by Sophos UTM for the foreseeable future.

    Until that day we had believed that  "Create Backup" meant saving everything needed for a COMPLETE restore - but obviously "unique site data (license, passwords, certifcates/keys)" does not entail the SPX email accounts and PWDs.

    We have roughly 1.500 SPX accounts which need to be transfered from our shot Rev. 1 system with 9.703-2 to our up-and-running Rev. 2 machine with 9.702-1.

    Any suggestions? (How) Can we transfer the SPX database files from one appliance to the other? Can we revert to 9.702-1 without losing said SPX data?

    Thanks & best regards,

  • Hallo Wilfried and welcome to the UTM Community!

    I can't believe that no one at Sophos knows where those keys are stored.  Have you tried opening a case with Sophos Support?

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Sorry, Bob,

    that has been our experience. Our sorry experience has cost us € 1.700 so far.

    Here's the timeline:

    2019-12-18 we order our second SG230
    2020-01-08 we run into the SPX PWD problem and contact our supplier
    2020-01-19 they cannot help & refer us to Sophos directly
    2020-01-25 we order 1 yr. Sophos "Premium Support", the above mentioned ticket is started
    2020-02-14 they tell us that "currently SPX registered recipients cannot be saved or included in the backup" (I call that a bug, not a feature request)
    2020-02-25 the ticket is basically closed by Sophos Premium Support with the following statement & suggesting more paid help by their Professional Service Team:

    I can neither confirm nor negate whether a partial port of the corresponding database table is possible (and whether support for any problems resulting from this is still guaranteed).

    Our management was not inclined to "chase good money after bad", so we left it at that. Case closed.

    Until Sophos nuked us all with 9.703-2 ... So, is there anybody out there who can help?

    Best regards,

  • Hi Wilfried,

    maybe (but really maybe) a short look in the REST API can help to get your SPX recipients back.. but only if you have a machine with the old database running and useful to get REST calls running on it. as far as i read if you run into this bad firmware bug the machine becomes usesless after short uptime :-(

    hope others has suggestions to help you fix this out.




    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

  • The database file with the spx data should be: /var/storage/chroot-smtp/spx/auth/spx-auth-v2.ks