Sophos Endpoint
For Sophos Central customers
About these release notes
These are the release notes for Sophos Endpoint for Windows 7 and later, managed by Sophos Central.
Some of the features mentioned in these release notes are only available if you have the appropriate license.
For improvements and new features in the Sophos Central console, see What's new in Sophos Central.
Version 11.5
Components
|
Sophos Endpoint Windows 7 and later |
11.5.11 January 2018 |
11.5.10 December 2017 |
11.5.9 December 2017 Update |
11.5.9 November 2017 Update |
11.5.9 October 2017 |
11.5.8 October 2017 |
11.5.6 October 2017 Update |
11.5.6 August 2017 |
11.5.5 July 2017 Update 2 |
11.5.5 June 2017 Update |
11.5.5 May 2017 |
11.5.4 Feb 2017 |
11.5.3 Jan 2017 |
11.5.2 Nov 2016 |
11.5.1 Nov 2016 |
11.5.0 Oct 2016 |
| Sophos Anti-Virus |
10.7.6 |
10.7.6 |
10.7.6 |
10.7.6 |
10.7.6 |
10.7.6 |
10.7.3 |
10.7.3 |
10.7.3 |
10.7.3 |
10.7.3 |
10.7.1 |
10.7.1 |
10.7.0.301 |
10.7.0.301 |
10.7.0.301 |
|
Threat detection engine |
3.70.2 |
3.70.2 |
3.70.2 |
3.70.2 |
3.70.2 |
3.70.2 |
3.69.2 |
3.69.2 |
3.69.2 |
3.69.2 |
3.68.1 |
3.68.0 |
3.67.3 |
3.64.2 |
3.64.2 |
3.64.2 |
|
Sophos AutoUpdate |
5.8.411 |
5.8.407 |
5.8.407 |
5.8.407 |
5.8.407 |
5.8.340 |
5.8.340 |
5.8.340 |
5.8.340 |
5.8.340 |
5.8.340 |
5.6.388 |
5.6.0 |
5.5.0 |
5.5.0 |
5.5.0 |
|
Sophos Web Control |
1.5.1938 |
1.5.1938 |
1.5.1938 |
1.5.1938 |
1.5.1938 |
1.5.1938 |
1.5.987 |
1.5.987 |
1.5.987 |
1.5.987 |
1.5.987 |
1.5.987 |
1.5.987 |
1.5.987 |
1.5.987 |
1.5.987 |
|
Sophos Heartbeat |
4.3.60 |
4.3.60 |
4.3.60 |
4.3.60 |
4.3.60 |
4.3.60 |
4.3.60 |
4.3.60 |
4.3.60 |
4.3.60 |
4.3.60 |
4.3.60 |
4.3.0 |
4.2.0 |
4.2.0 |
4.2.0 |
|
Sophos Management Communications System |
4.7.15 |
4.7.15 |
4.7.15 |
4.7.15 |
4.7.15 |
4.7.15 |
4.6.0 |
4.6.0 |
4.4.309 |
4.4.309 |
4.4.309 |
4.3.2 |
4.3.2 |
4.3.1 |
4.3.1 |
4.3.0 |
|
Sophos System Protection |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
2.6.0 |
|
Sophos Health Service |
2.0.4 |
2.0.4 |
2.0.4 |
2.0.4 |
2.0.4 |
2.0.4 |
2.0.4 |
2.0.4 |
2.0.4 |
2.0.4 |
2.0.4 |
2.0.3 |
2.0.3 |
2.0.3 |
2.0.3 |
2.0.3 |
|
Sophos Network Threat Protection Malicious Traffic Detection |
1.3.2 |
1.3.2 |
1.3.2 |
1.3.2 |
1.3.2 |
1.3.2 |
1.3.2 |
1.3.2 |
1.3.2 |
1.3.2 |
1.3.2 |
1.3.1 |
1.3.1 |
1.3.1 |
1.3.0 |
1.3.0 |
|
Sophos UI |
1.2.22 |
1.2.22 |
1.2.22 |
1.2.22 |
1.2.22 |
1.2.22 |
1.2.22 |
1.2.22 |
1.2.22 |
1.2.22 |
1.2.22 |
1.1.44 |
1.1.0 |
1.1.0 |
1.0.0 |
1.0.0 |
|
Sophos Uninstaller |
1.2.0 |
1.2.0 |
1.2.0 |
1.2.0 |
1.2.0 |
1.2.0 |
1.2.0 |
1.2.0 |
1.2.0 |
1.2.0 |
1.2.0 |
11.5.4 |
1.0.0 |
1.0.0 |
1.0.0 |
1.0.0 |
|
Sophos Endpoint Defence |
1.0.4 |
1.0.4 |
1.0.4 |
1.0.4 |
1.0.4 |
1.0.4 |
1.0.3 |
1.0.3 |
1.0.3 |
1.0.3 |
1.0.3 |
1.0.0 |
1.0.0 |
1.0.0 |
1.0.0 |
1.0.0 |
|
Sophos Endpoint Firewall |
1.0.0 |
1.0.0 |
1.0.0 |
1.0.0 |
1.0.0 |
1.0.0 |
1.0.0 |
1.0.0 |
1.0.0 |
1.0.0 |
1.0.0 |
- |
- |
- |
- |
- |
|
Sophos Self Help Tool |
1.2.76 |
1.2.76 |
1.2.76 |
1.2.76 |
1.2.76 |
1.2.76 |
1.2.76 |
1.2.76 |
1.2.76 |
1.2.76 |
1.2.76 |
1.2.76 |
1.0.0 |
- |
- |
- |
|
HitManPro.Alert |
3.6.14 |
3.6.14 |
3.6.12 |
3.6.10 |
3.6.9 |
3.6.9 |
3.6.9 |
3.6.8 |
3.6.8 |
3.6.5.593 |
3.6.3.583 |
3.6.3.583 |
- |
- |
- |
- |
|
SophosClean |
3.7.20.286 |
3.7.20.286 |
3.7.20.286 |
3.7.20.286 |
3.7.20.286 |
3.7.20.286 |
3.7.20.286 |
3.7.20.286 |
3.7.20.286 |
3.7.14.116 |
3.7.14.279 |
3.7.14.279 |
3.7.14.279 |
- |
- |
- |
Version 11.5.11
Updated components
Sophos AutoUpdate has been updated.
Resolved issues
|
Issue ID |
Component |
Description |
|---|---|---|
|
WINEP-12228 |
Sophos AutoUpdate |
Registry key required to process Microsoft January 2018 patch. |
Version 11.5.10
Resolved issues
|
Issue ID |
Component |
Description |
|---|---|---|
|
WINEP-11726 |
HitManPro.Alert |
Resolved an issue with HitManPro.Alert blocking the install and uninstall of NHS CRS Identity Agent. |
|
WINEP-11689 |
HitManPro.Alert |
Resolved an issue with uninstall stopping when attempting to uninstall the UI component. |
|
WINEP-11605 |
HitManPro.Alert |
Resolved an issue with SIMS installation not completing gracefully. |
|
WINEP-11561 |
HitManPro.Alert |
Resolved an issue with HitManPro.Alert interfering with update/upgrade of ZenWorks/Novell CASA. |
|
WINEP-10975 |
HitManPro.Alert |
Resolved an issue with injected processes that weren't linked with CRT and don't call exitprocess stopping on exit. |
|
WINEP-8885 |
HitManPro.Alert |
Resolved a problem when installing Microsoft Access 2010. |
|
WINEP-11530 |
HitManPro.Alert |
Resolved an issue with application lockdown for Powershell and other scripts. |
|
WINEP-11654 |
Sophos Endpoint Defence |
On fresh installs the health sent to the firewall is always red. |
Version 11.5.9 Update
This version was released to a limited number of customers.
Version 11.5.9 Update
Resolved issues
|
Issue ID |
Component |
Description |
|---|---|---|
|
WINEP-11336 |
HitManPro.Alert |
Resolved policy compliance issue caused by double byte characters in the executable path. |
|
WINEP-10833 |
HitManPro.Alert |
Applications are protected immediately when the software radar discovers them. |
|
WINEP-8981 |
HitManPro.Alert |
Fixed an issue with opening some applications. |
Version 11.5.8
New features
- Sophos Anti-Virus
Updated to support changes in the Windows 10 RS3 release. In particular support for the OneDrive files on demand feature.
- Sophos Device Control
Support added for the latest devices from: Kingston DataTraveler DataLocker IronKey
Updated components
The threat detection engine has been updated from 3.69.2 to 3.70.2. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
Resolved issues
|
Issue ID |
Component |
Description |
|---|---|---|
|
WINEP-5906 |
Sophos Anti-Virus |
Resolved issues with slow uploads using Windows 7 on fast connections. |
|
WINEP-8977 |
Sophos Anti-Virus |
Resolved issues with BOPS deadlock in Internet Explorer 11. |
Version 11.5.6 update
New features
- Performance Improvements. A new HMPA Policy plugin is available. This improves policy size and deployment efficiency.
- Disk and Boot Record Protection (WipeGuard) and CryptoGuard policy. You can enable Disk and Boot Record Protection (WipeGuard) with policy control for CryptoGuard, by default. Individual policy controls are still available.
Resolved issues
|
Issue ID |
Name |
Description |
|---|---|---|
|
WINEP-8885 |
Compatibility with Microsoft Access 2010 runtime installer |
Resolved an issue with the Microsoft Access 2010-Runtime installer when CIX is installed. |
|
WINEP-9118 |
Compatibility with Windows Explorer |
Resolved an issue with CryptoGuard detection when copying files from one network share to another using Windows Explorer. |
|
WINEP-9969 |
Compatibility with Forcepoint Triton/Websense |
Resolved an issue with the triggering of intruder alerts when both Sophos Exploit Prevention and Forcepoint Triton/Websense are installed. |
|
WINEP-8038 |
Compatibility with Symantec DLO agent |
Resolved an issue with CryptoGuard detecting the Symantec DLO agent 7 backup software. |
|
WINEP-8325 |
Compatibility with McAfee HIPS |
Resolved an issue with some applications failing to start when CIX is deployed with McAfee HIPS enabled. |
|
WINEP-8327 |
CryptoGuard False positive detection |
Resolved issues with false positive detection when evaluating files containing significant encoded data. |
|
WINEP-9469, WINEP-8698 |
Compatibility with Microsoft Internet Explorer |
Resolved issues with the intermittent loading of a blank page on Internet Explorer. |
|
WINEP-9046 |
Repeated large policy updates for HMPA |
Resolved issues with a large policy update (>3MB) being sent to all endpoints several times per hour, under certain circumstances. |
|
WINEP-9765 |
Compatibility with Intel Graphics Driver |
Resolved as issue when opening Internet Explorer resulted in a loadlib detection for igd10umd32.dll (Intel graphics driver). |
|
WINEP-10248 |
Compatibility with QQ Messenger |
Resolved a problem with QQ Messenger failing on log in (Chinese IM software). |
|
WINEP-10141 |
Compatibility with Coverity |
Resolved issues with a Process Hollow detection and process termination. |
Version 11.5.6
Updated components
The Sophos Management Communications System component has been updated to 4.6.0.
Version 11.5.5 update 2
Updated components
This maintenance release of the Sophos Exploit Prevention and HitmanPro.Alert components addresses a number of customer defects.
Version 11.5.5 update
Updated components
This maintenance release of the Sophos Clean and HitmanPro.Alert components addresses a number of customer defects and improvements to CryptoGuard protection.
Version 11.5.5
New features
- The new endpoint firewall component supports the management of Windows Firewall.
Updated components
- The threat detection engine has been updated from 3.68.0 to 3.68.1. For information about the changes, see the Sophos Threat Detection Engine release notes.
- The updated version of Sophos Anti-Virus reduces alerts load to Central Management.
- The updated versions of Sophos AutoUpdate and Sophos Management Communications System support download over https, and provide support for the upcoming message relay and thin installer releases.
Version 11.5.4
Updated components
- The threat detection engine has been updated from 3.67.3 to 3.68.0. For information about the changes, see the Sophos Threat Detection Engine release notes.
Version 11.5.3
Updated components
- Sophos UI (User Interface) has been updated to improve stability and improve rendering of display strings for all supported languages.
- A new Sophos Self Help Tool enables users to diagnose issues with their installation.
- The threat detection engine has been updated from 3.64.2 to 3.67.3. For information about the changes, see the Sophos Threat Detection Engine release notes
Version 11.5.2
Updated components
- Sophos Endpoint Defence and Malicious Traffic Detection have been updated to support Secure Boot on Windows 10 Anniversary Edition. You must reboot to apply this fix.
Version 11.5.1
Updated components
- Sophos Endpoint Defence has been updated to give support for Microsoft Office 365. You must reboot to apply this fix.
Version 11.5.0
Updated components
- For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
Known issues and limitations
| Issue ID | Component | Description |
|---|---|---|
| WINEP-1770 | Sophos Anti-Virus | Sophos Anti-Virus doesn’t support Hypervisor enforced Code Integrity introduced in the Enterprise lockdown mode. |
| WINEP-1577 | Sophos Cloud agent installer | The logged on user who runs SophosInstall.exe must be a member of the
SophosAdministrator group in order to migrate an on-premise–managed computer to Sophos
Cloud. Otherwise, the installation will fail.
If you have experienced this issue, add the user account to the SophosAdministrator group and re-run the installer. |
| WINEP-1423 | Sophos Cloud agent installer | When migrating an on-premise–managed computer to Sophos Cloud, a Sophos endpoint
software update may cause the installation to fail. This happens when a computer is
migrated without using the Sophos Cloud Migration Tool, by running the Sophos Cloud
agent installer (SophosInstall.exe) on the computer either interactively or in a quiet
mode. The update frequency is configured in Sophos Enterprise Console () by the Enterprise Console administrator.
To avoid or work around this issue, you can do either of the following:
|
| WINEP-323 | Sophos Malicious Traffic Detector | Cannot exclude from scanning non-local processes that you excluded in the Cloud console if they started before the sntp (Sophos Network Threat Protection) driver starts. |
| WINEP-284 | Sophos Malicious Traffic Detector | In cleanup events, the user may be incorrectly reported as "System", although the correct user is reported for the initial detection. |
| - | Sophos Anti-Virus, Sophos Web Control | Sophos web protection and web control use a Layered Service Provider (LSP) to intercept network traffic. If web protection or web control is turned on while an incompatible third-party LSP is running, system instability can occur. Therefore, if a third-party LSP that is known to be incompatible is already installed on the computer, the Sophos LSP is not installed. For more information, see http://www.sophos.com/en-us/support/knowledgebase/116241.aspx. |
Additional information
System requirements
This version of Sophos Endpoint is supported on Windows 7 and later client operating systems. For a full list of system requirements, see http://www.sophos.com/en-us/support/knowledgebase/121027.aspx.
Support for migration from on-premise management
It is now possible to automatically migrate a computer managed by Sophos Enterprise Console or Sophos Control Center to be managed by Sophos Central. Please see the Sophos Cloud Migration Tool Help for more details.
For known migration issues, see the issues for Sophos Central agent installer in Known issues and limitations.
Support for Windows 8 and Windows 8.1
- Sophos Endpoint uses toast notifications instead of balloon notifications to display messages on screen.
- If you specify a user-defined message to be displayed in desktop messages, it is not displayed in toasts. For more information, see http://www.sophos.com/en-us/support/knowledgebase/118233.aspx.
- If Sophos Anti-Virus cleans up a threat that affects a Windows Store app, it marks the app as tampered with. This causes Windows to offer the user the ability to re-download and re-install the app.
Sophos Device Control
Sophos Device Control does not block removable storage devices that are used as system drives, as this typically destabilizes the operating system.
Shared Windows components
When you install Sophos software, some Windows components that might also be used by non-Sophos software are also installed or upgraded:
| Sophos software | Shared Windows component | |||
|---|---|---|---|---|
| Name | File names | Versions | Date of inclusion with Sophos software | |
| Sophos Anti-Virus | Microsoft XML Core Services | msxml4.dll | 4.30.2100.0 | September 2009 |
| msxml4r.dll | 4.30.2100.0 | September 2009 | ||
| ATL Library | atl90.dll | 9.0.30729.6161 | December 2014 | |
| Microsoft Visual C/C++ Runtime Libraries | msvcm90.dll | 9.0.30729.6161 | December 2014 | |
| msvcp90.dll | 9.0.30729.6161 | December 2014 | ||
| msvcr90.dll | 9.0.30729.6161 | December 2014 | ||
Technical support
You can find technical support in any of these ways:
- In the Sophos Cloud console, click the Support link on the top right of the console.
- Visit the Sophos Community at community.sophos.com/ and search for other users who are experiencing the same problem.
- Visit the Sophos support knowledgebase at www.sophos.com/en-us/support.aspx.
- Download the product documentation at www.sophos.com/en-us/support/documentation.aspx.
- Open a ticket with our support team at https://secure2.sophos.com/support/contact-support/support-query.aspx.
Legal notices
Copyright © 2013–20178 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.
Sophos and Sophos Anti-Virus are registered trademarks of Sophos Limited and Sophos Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.