[German]Quick note for administrators running Sophos InterceptX or Endpoint Protection on their Windows clients and servers. There was an installation problem there because a certificate was found to be faulty – caused trouble when reinstalling. Sophos was aware of the problem for a few days and it was probably fixed by July 31, 2022. Here is some information about this issue.
Sophos InterceptX is an endpoint protection solution for Windows, which is supposed to protect against ransomware, exploit, viruses or malware and is probably used in the corporate sector. There is also Sophos Endpoint Protection as an antivirus/security solution for Windows.
Error during installation/updating
German blog reader Gero K. uses the InterceptX product on servers in his corporate environment and wrote to me on Sunday:
I tried to reinstall Sophos InterceptX on one of our servers today. [The] installation fails [with the following error].
After an hour of troubleshooting on my end Sophos case opened.
Answer: We are aware of this installation failure issue.
Sophos now wants Procmon and SDU logs from me.
Annoys me again that I now have to work for them, because they again failed miserably. It's not like the product is cheap….
The message shown by the product during installation was:
WARNING : Certificate verification failed:\n\tCertificate expired: Sophos SDDS3 signing cert temporary: NotBefore 2021-08-01T08:38:23Z, NotAfter 2022-07-31T00:00:00Z\n\t
Subject: Sophos SDDS3 signing cert temporary\n\t
Issuer: Sophos SHA384 Updating Intermediate Exp20280504
ERROR : Error: Could not verify any signatures: refusing to load unverified content
Gero thought this might be worth a blog post.
Sophos fixed the bug
However, Gero got later on Sunday back to me again and wrote, that Sophos now considers this issue fixed. This Sophos page says as of July 31, 2022 about this:
RESOLVED: Updates and Installations are failing: "Certificate expired: Sophos SDDS3 signing cert temporary"
We have received reports that updates and installation are failing. Customers indicated that endpoints are not able to update and new installations are failing
According to Sophos, the products or environments affected by this problem were:
- Central Endpoint Protection
- Intercept X
Users of these products may have seen the above error message during AutoUpdates – and not only during a fresh installation. Sophos says now about the issue: The issue was identified and resolved. So this error message should no longer occur. Thanks to Gero for the tip.
Sophos Intercept X Install or Update ends with HTTP Error 403 (May 6, 2022)
Windows 11 Update KB5013943 drops BSODs and causes issues with Sophos driver
Sophos fails with timely malware sample analysis, support contact options miserable
Cookies helps to fund this blog: Cookie settings