These are the release notes for Intercept X Advanced for Server with XDR for Windows Server 2008 R2 and later operating systems.
Some information only applies to specific versions of Windows. For example, we tell you which updates apply to Windows Server 2016 and later.
Some of the features mentioned in these release notes are only available if you have the appropriate license.
The three numbers in the version uniquely identify the software and configuration released. The version number displayed in the Sophos Endpoint and Central console may include a fourth number which can be ignored when verifying the installed release.
You may find that you can't yet download and use the latest version. This is because Sophos releases the software over a number of days, but publishes the release notes on the first day.
View the product documentation at Server protection.
The information in this section only applies to installations on Windows Server 2016 and later.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-51416 | HitmanPro.Alert | Fixed an issue where an HMPA generated event was not recorded in the associated central RCA report. |
| WINEP-51138 | HitmanPro.Alert | Fixed an issue where HMPA could alert against applications packaged with BoxedApp. |
| WINEP-50650 | HitmanPro.Alert | Fixed an issue that crashed Microsoft Edge (32-bit) when CookieGuard is enabled. |
| WINEP-50430 | HitmanPro.Alert | Improved Cryptoguard performance in the case that a large file is read in as many small increments. |
| WINEP-50143 | HitmanPro.Alert | Fixed an issue that could cause 32-bit Microsoft Edge to crash with CookieGuard enabled. |
| WINEP-50595 | HitmanPro.Alert | Fixed an issue that prevented the TRUMPF application connecting to a file share using SMB1. |
| WINEP-49614 | HitmanPro.Alert | Fixed an issue that could generate false positive Intruder alerts |
| WINEP-49333 | HitmanPro.Alert | Fixed an issue where an EXCEL Add-in failed to load on Citrix Servers |
| WINEP-49691 | HitmanPro.Alert | Added the ability to suppress Stack Pivot detections in the bloomfilter by executable name. |
| WINEP-49527 | HitmanPro.Alert | Updated the Cryptoguard Notes detection algorithm to reduce false positive detections. |
| WINEP-49307 | HitmanPro.Alert | Implemented a consistent thumbprint to allow exclusion of ROP alerts against PretonSaver. |
| WINEP-49266 | HitmanPro.Alert | Fixed compatibility issues when installed alongside MediTech EHR software. |
| WINEP-49101 | HitmanPro.Alert | Fixed an issue that could cause slow performance when running Epicor Kinetic ERP software. |
| WINEP-47494 | HitmanPro.Alert | Fix to reduce the number of False Positive CredGuardLSASS alerts logged locally against informational and debug tools. |
| WINEP-49260 | HitmanPro.Alert | Fixed an issue where lockdown alerts triggered against an application did not provide a consistent thumbprint to support whitelisting. |
| WINEP-49072 | HitmanPro.Alert | Fixed and issue where the HMPA installer didn't delete the service dependency on upgrade. |
| WINEP-48715 | HitmanPro.Alert | Fixed an issue where applications using the VMWare Protect product could crash on start-up. |
| WINEP-47995 | HitmanPro.Alert | Fixed an issue where Excel files could not be loaded when encrypted by FinalCode. |
| WINEP-46881 | HitmanPro.Alert | Removed the need for multiple path exclusions for LoadLib when running applications from remote shares. |
| WINEP-46753 | HitmanPro.Alert | Fixed an issue where an exclusion wasn't correctly applied for the application XDR - Imaging Through Science. |
The information in this section only applies to installations on Windows Server 2012 R2 or earlier.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-49909 | HitmanPro.Alert | Fixed an issue that could generate false positive Intruder alerts. |
| WINEP-49891 | HitmanPro.Alert | Removed the need for multiple path exclusions for LoadLib when running applications from remote shares. |
| WINEP-49893 | HitmanPro.Alert | Fixed an issue where lockdown alerts triggered against an application did not provide a consistent thumbprint to support whitelisting. |
| WINEP-49895 | HitmanPro.Alert | Implemented a consistent thumbprint to allow exclusion of ROP alerts against PretonSaver. |
The information in this section only applies to installations on Windows Server 2008 R2 or earlier.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-49909 | HitmanPro.Alert | Fixed an issue that could generate false positive Intruder alerts. |
| WINEP-49891 | HitmanPro.Alert | Removed the need for multiple path exclusions for LoadLib when running applications from remote shares. |
| WINEP-49893 | HitmanPro.Alert | Fixed an issue where lockdown alerts triggered against an application did not provide a consistent thumbprint to support whitelisting. |
| WINEP-49895 | HitmanPro.Alert | Implemented a consistent thumbprint to allow exclusion of ROP alerts against PretonSaver. |
| Sophos Central Server Intercept X |
2023.2.1 February 2024 |
2023.1.1 June 2023 |
2022.1.3 November 2022 |
2022.1.1.12 August 2022 |
2022.1.1.12 August 2022 |
2021.3.1.11 May 2022 |
2.0.24 February 2022 |
2.0.22 August 2021 |
2.0.20 April 2021 |
2.0.19 February 2021 |
2.0.19 January 2021 |
2.0.18 October 2020 |
2.0.17 May 2020 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| HitManPro.Alert | 3.9.3.775 | 3.9.1.2325 | 3.9.0.1391 | 3.9.0.1344 | 3.8.4.37 | 3.8.3.812 | 3.8.1.504 | 3.8.1.504 | 3.8.1.504 | 3.8.0.523 | 3.8.0.523 | 3.7.17.321 | 3.7.15.446 |
| Sophos Machine Learning Engine | 1.7.0.19 | 1.7.0.19 | 1.7.0.19 | 1.5.3 | 1.5.3 | 1.5.3 |
You should also read the Sophos Server Core Agent release notes. They cover the changes, resolved issues and known issues for the core components.
For information about the changes to the SophosServer Core Agent, see the Sophos Server Core Agent release notes.
For information about the changes to Sophos Central Server Anti-Virus, see the Sophos Central Server Anti-Virus release notes.
For improvements and new features in Sophos Central, see What's new in Sophos Central.
Occasionally an update requires a restart. Sophos never forces this restart and there is no impact on protection or threat detection updates during the period before the restart.
We recommend that you schedule a restart during your next maintenance window to ensure that you are running the latest version.
| Sophos Central Server Intercept X |
2023.2.1 February 2024 |
2023.1.1 June 2023 |
2022.1.3 November 2022 |
2022.1.1.12 August 2022 |
2021.3.1.11 May 2022 |
2.0.24 February 2022 |
2.0.22 August 2021 |
2.0.20 April 2021 |
2.0.19 February 2021 |
2.0.19 January 2021 |
2.0.18 October 2020 |
2.0.17 May 2020 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| HitManPro.Alert | 3.8.7.13 | 3.8.6.11 | 3.8.5.36 | 3.8.4.37 | 3.8.4.37 | 3.8.3.812 | 3.8.1.504 | 3.8.1.504 | 3.8.1.504 | 3.8.0.523 | 3.8.0.523 | 3.7.17.321 |
| Sophos Machine Learning Engine | 1.7.0.19 | 1.7.0.19 | 1.7.0.19 | 1.5.3 | 1.5.3 | 1.5.3 |
You should also read the Sophos Server Core Agent release notes. They cover the changes, resolved issues and known issues for the core components.
For information about the changes to the SophosServer Core Agent, see the Sophos Server Core Agent release notes.
For information about the changes to Sophos Central Server Anti-Virus, see the Sophos Central Server Anti-Virus release notes.
For improvements and new features in Sophos Central, see What's new in Sophos Central.
Occasionally an update requires a restart. Sophos never forces this restart and there is no impact on protection or threat detection updates during the period before the restart.
We recommend that you schedule a restart during your next maintenance window to ensure that you are running the latest version.
| Sophos Central Server Intercept X |
2023.2.1 February 2024 |
2023.1.1 June 2023 |
2022.1.3 November 2022 |
2022.1.1.12 August 2022 |
2021.3.1.11 May 2022 |
2.0.24 February 2022 |
2.0.22 August 2021 |
2.0.20 April 2021 |
2.0.19 February 2021 |
2.0.19 January 2021 |
2.0.18 October 2020 |
2.0.17 May 2020 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| HitManPro.Alert | 3.8.7.13 | 3.8.6.11 | 3.8.5.36 | 3.8.4.37 | 3.8.4.37 | 3.8.3.812 | 3.8.1.504 | 3.8.1.504 | 3.8.1.504 | 3.8.0.523 | 3.8.0.523 | 3.7.17.321 |
| Sophos Machine Learning Engine | 1.7.0.19 | 1.7.0.19 | 1.7.0.19 | 1.5.3 | 1.5.3 | 1.5.3 |
You should also read the Sophos Server Core Agent release notes. They cover the changes, resolved issues and known issues for the core components.
For information about the changes to the SophosServer Core Agent, see the Sophos Server Core Agent release notes.
For information about the changes to Sophos Central Server Anti-Virus, see the Sophos Central Server Anti-Virus release notes.
For improvements and new features in Sophos Central, see What's new in Sophos Central.
Occasionally an update requires a restart. Sophos never forces this restart and there is no impact on protection or threat detection updates during the period before the restart.
We recommend that you schedule a restart during your next maintenance window to ensure that you are running the latest version.
The information in this section only applies to installations on Windows Server 2016 and later.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-46759 | HitmanPro.Alert | Fixed an issue with false DEP exploit alerts being raised on 32-bit browsers. |
| WINEP-46224 | HitmanPro.Alert | Fixed an issue where files being renamed could generate unwanted exploit detections. |
| WINEP-45043 | HitmanPro.Alert | Fixed an issue where a device could crash when "Turn on anti-ransomware protection and exploit mitigations" is turned off in a threat protection policy. |
| WINEP-44598 | HitmanPro.Alert | Fixed an issue that could delay the start-up of Microsoft 365 applications. |
| WINEP-39428 | HitmanPro.Alert | Fixed an issue that caused performance issues when overwriting files on network shares. |
| WINEP-44994 | HitmanPro.Alert | Resolved an issue with false Return Oriented Programming (ROP) exploit alerts when using third-party plugins in Microsoft Excel. |
| WINEP-46239 | HitmanPro.Alert | Resolved an issue with the HitmanPro.Alert installer stopping. |
| WINEP-41309 | HitmanPro.Alert | Resolved an issue with false detections on opening Microsoft Access database (.mdb) files. |
| WINEP-46316 | HitmanPro.Alert | Resolved an issue with policy exclusions not being applied to Microsoft Excel files. |
The information in this section only applies to installations on Windows Server 2012 R2 or earlier.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-46039 | HitmanPro.Alert | Resolved an issue with devices stopping. |
| WINEP-46041 | HitmanPro.Alert | Resolved an issue with false Return Oriented Programming (ROP) exploit alerts. |
| WINEP-46044 | HitmanPro.Alert | Resolved an issue with false CredGuard alerts. |
| WINEP-46342 | HitmanPro.Alert | Resolved an issue with policy exclusions not being applied to Microsoft Excel files. |
This version contains:
| Issue ID | Component | Description |
|---|---|---|
| WINEP-43246 | HitmanPro.Alert | Resolved an issue that could delay Windows Logon. |
| WINEP-39820 | HitmanPro.Alert | Resolved an issue where Microsoft Access files produced false lockdown alerts. |
| WINEP-39222 | HitmanPro.Alert | Resolved an issue with CryptoGuard exclusions for remote folder locations. |
| WINEP-37083 | HitmanPro.Alert | Resolved an issue in which Data Execution Prevention (DEP) mitigation alerts could be produced in error. |
| WINEP-35249 | HitmanPro.Alert | Resolved an issue where policy verification fails because of special characters in paths. |
| WINEP-38570 | HitmanPro.Alert | Resolved a performance issue when running Microsoft Access queries. |
| WINEP-38561 | HitmanPro.Alert | Resolved a performance issue with unsigned executables. |
| WINEP-38480 | HitmanPro.Alert | Resolved an issue where CryptoGuard backup files weren't cleaned up after a computer shut down unexpectedly. |
| WINEP-38405 | HitmanPro.Alert | Resolved an issue where we couldn't exclude some applications from lockdown mitigation by adding a new thumbprint type. |
| WINEP-38220 | HitmanPro.Alert | Resolved an issue causing a stop error on highly-loaded, multi-threaded environments. |
| WINEP-37769 | HitmanPro.Alert | Resolved an issue where a server stopped responding. |
| WINEP-37053 | HitmanPro.Alert | Resolved an issue where .p7m file types produced false lockdown alerts. |
| WINEP-36366 | HitmanPro.Alert | Resolved an issue where Microsoft Office applications produced false Data Execution Prevention (DEP) alerts. |
| WINEP-35775 | HitmanPro.Alert | Resolved an issue where the telemetry executable has high CPU usage. |
| WINEP-35272 | HitmanPro.Alert | Resolved an issue where a variant of a process hollowing attack wasn't detected. |
| WINEP-35964 | HitmanPro.Alert | Resolved an issue where HitmanPro.Alert could fail to install. |
| WINEP-34889 | HitmanPro.Alert | Resolved a compatibility issue with CET Designer. |
The new features, updates and resolved issues in this version apply to installations on Windows Server 2016 and later.
Installations on earlier versions of Windows Server are still using HitManPro.Alert 3.8.4.37. The new features, updates and resolved issues don't apply to this version of HitmanPro.Alert.
You can now use wildcards in the paths for exploit mitigation and ransomware exclusions.
HitManPro.Alert has been updated to 3.9.0.1344.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-39977 | HitmanPro.Alert | Resolved an issue where license.txt files produced a false CryptoGuard detection. |
| WINEP-39820 | HitmanPro.Alert | Resolved an issue where Microsoft Access files produced false lockdown alerts. |
| WINEP-39222 | HitmanPro.Alert | Resolved an issue with CryptoGuard exclusions for remote folder locations. |
| WINEP-37083 | HitmanPro.Alert | Resolved an issue in which Data Execution Prevention (DEP) mitigation alerts could be produced in error. |
| WINEP-35249 | HitmanPro.Alert | Resolved an issue where policy verification fails because of special characters in paths. |
| WINEP-38570 | HitmanPro.Alert | Resolved a performance issue when running Microsoft Access queries. |
| WINEP-38561 | HitmanPro.Alert | Resolved a performance issue with unsigned executables. |
| WINEP-38480 | HitmanPro.Alert | Resolved an issue where CryptoGuard backup files weren't cleaned up after a computer shut down unexpectedly. |
| WINEP-38405 | HitmanPro.Alert | Resolved an issue where we couldn't exclude some applications from lockdown mitigation by adding a new thumbprint type. |
| WINEP-38220 | HitmanPro.Alert | Resolved an issue causing a stop error on highly-loaded, multi-threaded environments. |
| WINEP-37769 | HitmanPro.Alert | Resolved an issue where a server stopped responding. |
| WINEP-37053 | HitmanPro.Alert | Resolved an issue where .p7m file types produced false lockdown alerts. |
| WINEP-36366 | HitmanPro.Alert | Resolved an issue where Microsoft Office applications produced false Data Execution Prevention (DEP) alerts. |
| WINEP-35775 | HitmanPro.Alert | Resolved an issue where the telemetry executable has high CPU usage. |
| WINEP-35272 | HitmanPro.Alert | Resolved an issue where a variant of a process hollowing attack wasn't detected. |
| WINEP-35964 | HitmanPro.Alert | Resolved an issue where HitmanPro.Alert could fail to install. |
| WINEP-34889 | HitmanPro.Alert | Resolved a compatibility issue with CET Designer. |
| WINEP-36899 | HitmanPro.Alert | Resolved an issue where HitmanPro.Alert fails when a device shuts down. |
HitManPro.Alert has been updated to 3.8.4.37.
Supports centrally managed Cryptoguard exclusions by path and process name.
HitManPro.Alert has been updated to 3.8.3.812.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-32533 | HitmanPro.Alert | Resolved an issue in which Sophos CryptoGuard stopped Windows computers shutting down. |
| WINEP-32239 | HitmanPro.Alert | Resolved an issue with HitmanPro.Alert updates failing on some endpoints. |
| WINEP-31835 | HitmanPro.Alert | Resolved an issue with AutoCad Encryption triggering a false Sophos CryptoGuard detection. |
| WINEP-31629 | HitmanPro.Alert | Resolved an issue in which Microsoft Outlook stops when a user replies to emails. |
| WINEP-31531 | HitmanPro.Alert | Resolved an issue in which Sims 4 fails to start. |
| WINEP-31119, WINEP-30598 | HitmanPro.Alert | Resolved issues with false Application Procedure Calls (APC) violations. |
| WINEP-30814 | HitmanPro.Alert | Resolved an issue in which HitmanPro.Alert prevented some Windows machines stopping when the lockdown mitigation was active. |
| WINEP-29831 | HitmanPro.Alert | Resolved an issue in which Sophos CryptoGuard doesn't detect ransomware. |
| WINEP-29097 | HitmanPro.Alert | Resolved an issue in which HitmanPro.Alert prevents some third-party applications running. |
| WINEP-28276 | HitmanPro.Alert | Resolved an issue in which Sophos CryptoGuard doesn't detect remotely. |
| WINEP-24513 | HitmanPro.Alert | Resolved an issue in which Sophos CryptoGuard affects the performance of ModFlow. |
| WINEP-30725 | HitmanPro.Alert | Fixed unquoted path stored in registry (CVE-2021-25269). |
| WINEP-36258 | HitmanPro.Alert | Resolved an issue with computers crashing when Forcepoint DLP is also installed. |
Machine Learning Engine has moved to the Core Central product.
HitManPro.Alert has been updated to 3.8.1.504.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-30574 | HitmanPro.Alert | Resolved an issue in which CodeCave detections caused third-party software to stop. |
| WINEP-28964 | HitmanPro.Alert | Resolved an issue with a CallerCheck exception in Microsoft Word documents. |
| WINEP-24788 | HitmanPro.Alert | Resolved an issue with WipeGuard producing false positive alerts. |
Machine Learning Engine has been updated to 1.7.0.19.
HitManPro.Alert has been updated to 3.8.0.523.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-22855 | HitmanPro.Alert | Resolved an issue in which files processed by the Lacerte tax application trigger a Sophos CryptoGuard detection. |
| WINEP-23600 | HitmanPro.Alert | Resolved an issue in which copying files using Perl triggers false Sophos CryptoGuard detections. |
| WINEP-24788 | HitmanPro.Alert | Resolved issues with opening applications when Sophos Intercept X is installed. |
| WINEP-24979 | HitmanPro.Alert | Resolved an issue in which the DATAC accounting application triggers a Sophos CryptoGuard detection. |
| WINEP-22721 | HitmanPro.Alert | Resolved performance issues. |
| WINEP-25281 | HitmanPro.Alert | Resolved an issue in which running a program called FLS VISITOUR Client 3.0 causes a Code Cave detection to occur. |
| WINEP-25612 | HitmanPro.Alert | Resolved an issue in which running Digital Guardian and Intercept X causes Microsoft Outlook to stop. |
| WINEP-25816 | HitmanPro.Alert | Resolved an issue in which running Citrix and Intercept X causes slow startup of computers. |
| WINEP-26020 | HitmanPro.Alert | Resolved an issue in which Intercept X causes an application called ShopVue to stop. |
| WINEP-26083 | HitmanPro.Alert | Resolved an issue in which running Intercept X causes an application called MeyerFire Toolkit to stop. |
| WINEP-27200 | HitmanPro.Alert | Resolved an issue in which using TIFF as a file extension triggers false Sophos CryptoGuard detections. |
| WINEP-27353 | HitmanPro.Alert | Resolved an issue in which Windows computers fail to restart from sleep mode. |
| WINEP-27965 | HitmanPro.Alert | Resolved an issue with 32-bit computers running Windows 7 stopping. |
| WINEP-28764 | HitmanPro.Alert | Resolved an issue with multiple applications stopping when running AMSIGuard. |
HitManPro.Alert has been updated to 3.7.17.321.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-24365 | HitmanPro.Alert | Resolved an issue on Windows 7 64 bit in which Google Chrome stops respondingwhen it is opened. |
| WINEP-24165 | HitmanPro.Alert | Resolved an issue in which running an ALPS touch pad driver causes Windows to stop unexpectedly. |
| WINEP-23418 | HitmanPro.Alert | Reduced memory usage during CryptoGuard backup to reduce the likelihood of stack exhaustion when CryptoGuard is run alongside some third-party software. |
| WINEP-22509 | HitmanPro.Alert | Resolved an issue that affects the performance of Sophos CryptoGuard with Caselle Connect. |
| WINEP-22307 | HitmanPro.Alert | Resolved an issue in which Microsoft Excel stops responding if hmpalert.dll is loaded. |
| WINEP-23475 | HitmanPro.Alert | Resolved an issue to mitigate against the RIPlace evasion technique. |
| WINEP-23022 | HitmanPro.Alert | Added a check of alerts to ensure that they are valid XML and can therefore be sent to the management console. |
| WINEP-22694 | HitmanPro.Alert | Resolved an issue in which alerts that are triggered by HitmanPro.Alert are not sent to the management console. |
| WINEP-21284 | HitmanPro.Alert | Resolved an issue in which a StackExec detection occurs while browsing an internal website. |
| WINEP-22968 | HitmanPro.Alert | Resolved an issue in which running a program called Flight Time causes a CodeCave detection to occur. |
| WINEP-22653 | HitmanPro.Alert | Resolved an issue with a CallerCheck exception in Microsoft Word documents. |
| WINEP-22425 | HitmanPro.Alert | Resolved an issue in which a LoadLib detection occurs while browsing the Centricity Enterprise website. |
| WINEP-21285 | HitmanPro.Alert | Resolved an issue in which decrypted files that IFMS decryption software places on a file server trigger a Sophos CryptoGuard IP detection. |
| WINEP-16280 | HitmanPro.Alert | Resolved an issue in which a previously allowed application needed to bere-allowed after it was updated. |
This release supports the following new protection features. These will initially be turned on only for servers in early access program subscriptions, before being turned on for all Intercept X customers:
HitManPro.Alert has been updated to 3.7.15.446.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-21933 | HitmanPro.Alert | Resolved an issue in which the thumbprint required to allow a lockdown alert is changed every time the application is run. |
| WINEP_20880 | HitmanPro.Alert | Resolved an issue in which CryptoGuard detects an attack when EPS files are copied to a file server share. |
| WINEP-20812 | HitmanPro.Alert | Resolved an issue that caused laptops to occasionally stop when docked. |
| WINEP-20759 | HitmanPro.Alert | Resolved an issue in which the HitmanPro.Alert service crashes after updating to 3.7.13.1337. |
| WINEP-20438 | HitmanPro.Alert | Resolved an issue in which CryptoGuard is triggered on a file server because of actions being performed on endpoints using an application called AdvantX. |
| WINEP-20356 | HitmanPro.Alert | Resolved an issue in which Import Address Table Access Filtering exploit detections are triggered against Microsoft Office applications, as well as Adobe Acrobat and nschill.exe. |
| WINEP-19843 | HitmanPro.Alert | Resolved an issue in which two different lockdown detections happen at the same time. |
| WINEP-19818 | HitmanPro.Alert | Resolved an issue in which, with CryptoGuard turned on, the PAEXEC application fails to load. |
| WINEP-19765 | HitmanPro.Alert | Resolved an issue in which HitmanPro.Alert caused the operating system to stop unexpectedly on a server. |
| WINEP-19707 | HitmanPro.Alert | Resolved an issue in which a ZENworks virtual application fails to open. |
| WINEP-19647 | HitmanPro.Alert | Resolved an issue in which a lockdown is detected on Foxit Reader when attempting to open it. |
| WINEP-19378 | HitmanPro.Alert | Resolved an issue in which Cygwin commands fail. |
| WINEP-19359 | HitmanPro.Alert | Resolved an issue in which SecureCS is detected as ransomware. |
| WINEP-19351 | HitmanPro.Alert | Resolved an issue in which a CryptoGuard detection occurs in an internal application: FIS Direct Branch or COCC. |
| WINEP-19320 | HitmanPro.Alert | Resolve an issue in which Central endpoints trigger alternate Policy non-compliance: Exploit Detection and Policy in compliance: Exploit Detection events. |
| WINEP-19174 | HitmanPro.Alert | Resolved an issue in which a CryptoGuard detection occurs at remote IP addresses when files are saved to a shared files server. |
| WINEP-19100 | HitmanPro.Alert | Resolved an issue in which Directory Opus 12 triggers a CryptoGuard remote ransomware detection. |
| WINEP-17943 | HitmanPro.Alert | Resolved an issue in which Digital Guardian DLP causes an intruder detection to be reported while the user is browsing in Microsoft Edge. |
This version includes improvements and fixes to HitManPro.Alert.
HitManPro.Alert has been updated to 3.7.14.40.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-16237 | HitmanPro.Alert | Resolved an issue preventing a secure email gateway processing emails. |
| WINEP-16354 | HitmanPro.Alert | Resolved an issue with the CryptoGuard folder not emptying correctly on a file server. |
| WINEP-17173 | HitmanPro.Alert | Resolved an issue with ROP detection in Microsoft Excel with encrypted documents. |
| WINEP-17347 | HitmanPro.Alert | Resolved an issue with DNS resolution failing. |
| WINEP-17406 | HitmanPro.Alert | Resolved an issue with AppSense failing to install. |
| WINEP-17454 | HitmanPro.Alert | Resolved an issue with a Caller Check exception in Internet Explorer 11. |
| WINEP-17842 | HitmanPro.Alert | Resolved an issue with CryptoGuard detecting an attack in RoboCopy copying files. |
| WINEP-18105 | HitmanPro.Alert | Resolved an issue with CryptoGuard slowing down the digitial file signature checking process. |
| WINEP-18169 | HitmanPro.Alert | Resolved an issue with false CryptoGuard detections when generating Microsoft Word documents remotely. |
| WINEP-18181 | HitmanPro.Alert | Resolved an issue with CryptoGuard checking excluded processes. |
| WINEP-18292 | HitmanPro.Alert | Resolved an issue with a Caller Check exception in Microsoft Outlook. |
| WINEP-18353 | HitmanPro.Alert | Improved CryptoGuard's performance with excluded files. |
| WINEP-18520 | HitmanPro.Alert | Resolved an issue with running secure apps in Firefox. |
| WINEP-18583 | HitmanPro.Alert | Resolved an issue with a Caller Check exception in macro enabled Microsoft Excel files. |
| WINEP-18667 | HitmanPro.Alert | Resolved an issue with HitmanPro.Alert upgrades causing servers to stop. |
| WINEP-18722 | HitmanPro.Alert | Resolved an issue with HitmanPro.Alert failing to add files as exceptions. |
| WINEP-18783 | HitmanPro.Alert | Resolved performance issues with HitmanPro.Alert. |
| WINEP-18873 | HitmanPro.Alert | Resolved an issue with HitmanPro.Alert preventing encrypted remote sessions starting. |
| WINEP-18893 | HitmanPro.Alert | Resolved an issue with HitmanPro.Alert causing machines running Windows 10 (1803) to stop. |
| WINEP-18915 | HitmanPro.Alert | Resolved an issue with false CryptoGuard detections when encrypting files. |
| WINEP-19078 | HitmanPro.Alert | Resolved an issue with false CryptoGuard detections when encrypting files remotely with SafeGuard File Encryption 8.10.2. |
| WINEP-19179 | HitmanPro.Alert | Resolved an issue with false CryptoGuard detections when encrypting files remotely with etfile. |
| WINEP-19282, WINEP-17047 | HitmanPro.Alert | Resolved issues with Caller Check exceptions in games. |
| WINEP-19792 | HitmanPro.Alert | Resolved an issue with HitmanPro.Alert causing servers running Windows Server 2008 R2 to stop. |
| WINEP-15961 | HitmanPro.Alert | Resolved an issue with saving Microsoft Office files to a network share when CryptoGuard is installed. |
| WINEP-16679 | HitmanPro.Alert | Resolved an issue with false CryptoGuard detections when Safeguard File Encryption is installed. |
| WINEP-17244 | HitmanPro.Alert | Resolved memory issues on Windows 2012 servers. |
| WINEP-15669 | HitmanPro.Alert | Resolved an issue with Microsoft Application Verifier protected apps not starting. |
| WINEP-15791 | HitmanPro.Alert | Resolved an issue with running the Microsoft Office NetDocuments plugin in Internet Explorer 11. |
| WINEP-15954 | HitmanPro.Alert | Resolved an issue with false Data Execution Prevention (DEP) detections when creating PDF files in Adobe Acrobat 2017. |
| WINEP-16207 | HitmanPro.Alert | Resolved an issue with reading ebooks in Internet Explorer 11. |
| WINEP-16564 | HitmanPro.Alert | Resolved an issue where vswhere.exe doesn't run (first time) when CryptoGuard is turned on. |
| WINEP-16763 | HitmanPro.Alert | Resolved false hollow process detections with open source office suite and eye tracking software. |
| WINEP-16974 | HitmanPro.Alert | Resolved an issue with detections in auditing software. |
| WINEP-17393 | HitmanPro.Alert | Resolved an issue with APC alert reporting. |
| WINEP-17439 | HitmanPro.Alert | Resolved false hollow process detections in Microsoft Visual Studio 2017. |
| WINEP-16914 | HitmanPro.Alert | Resolved an issue with CryptoGuard detections in PDF files. |
| WINEP-20547 | HitmanPro.Alert | Resolved an issue with logging off from Windows after upgrading Windows 10 to version 1903. |
| WINEP-21188 | HitmanPro.Alert | Resolved an issue that could cause an older version of a component to be loaded instead of the latest. |
This version includes improvements and fixes to HitManPro.Alert.
HitManPro.Alert has been updated to 3.7.12.466.466.
Machine Learning Model has been updated to 20190222.
This version includes improvements and fixes to HitManPro.Alert./p>
HitManPro.Alert has been updated to 3.7.10.762.174.
Machine Learning Model has been updated to 20181024.
| Issue ID | Component | Description |
|---|---|---|
| WINEP-15695 | HitmanPro.Alert | Resolved an issue with an IP Cryptoguard detection when using the NGEN publishing application. |
| WINEP-14950 | HitmanPro.Alert | Resolved an issue with ROP detection in Winword.exe. |
| WINEP-14858 | HitmanPro.Alert | Resolved an issue with ROP detection in several applications. |
| WINEP-14833 | HitmanPro.Alert | Resolved an issue with ROP detections in Chrome 67 and later. |
| WINEP-14590 | HitmanPro.Alert | Resolved an issue with intruder detections in Chrome and Internet Explorer with LANDesk installed (SoftMon.exe) |
| WINEP-14505 | HitmanPro.Alert | Resolved an issue with PDFs failing to open from the command line. |
| WINEP-14442 | HitmanPro.Alert | Resolved an issue with a Caller Check exception in Outlook when the SNAPAddy plugin is installed. |
| WINEP-14253 | HitmanPro.Alert | Resolved memory issues that caused Windows to stop. |
| WINEP-14139 | HitmanPro.Alert | Resolved an issue with Skype failing during a video call. |
| WINEP-13578 | HitmanPro.Alert | Resolved an issue with an IP Cryptoguard detection in Lotus Notes. |
| WINEP-13460 | HitmanPro.Alert | Resolved an issue with Windows 7 computers hanging on shutdown. |
| WINEP-13454 | HitmanPro.Alert | Resolved an issue a false LoadLib exploit detection in Firefox. |
| WINEP-13338 | HitmanPro.Alert | Resolved an issue with Wipeguard protection not working on Hyper-V virtualized systems. |
| WINEP-13238 | HitmanPro.Alert | Resolved an issue with a Caller Check exception in Excel when the UnionSquare plugin is installed. |
| WINEP-13230 | HitmanPro.Alert | Resolved an issue with a Windows 7 machine freezing when running Intercept X and Symantec Endpoint 14.0.3897.1101. |
| WINEP-13209 | HitmanPro.Alert | Resolved an issue with false ROP exploit detection with Excel documents containing multiple macros. |
| WINEP-13164 | HitmanPro.Alert | Resolved an issue with a Cryptoguard detection in AppLife Update. |
| WINEP-13162 | HitmanPro.Alert | Resolved an issue with false detections when Digital Guardian is installed. |
| WINEP-12989 | HitmanPro.Alert | Resolved an issue with a HitmanPro.Alert driver causing Windows to stop. |
| WINEP-12932 | HitmanPro.Alert | Resolved an issue with a Lockdown detection in Internet Explorer when accessing an internal web app. |
| WINEP-12840 | HitmanPro.Alert | Resolved an issue with detections in a debug version of the Flash ActiveX plugin. |
| WINEP-12735 | HitmanPro.Alert | Resolved an issue with false Import Address Table Access Filtering detections in Outlook. |
| WINEP-11473 | HitmanPro.Alert | Resolved an issue with Windows error logs being created for HitmanPro.Alert. |
| WINEP-16464 | HitmanPro.Alert | Resolved an issue causing ROP detections against Microsoft Office 2013. |
| WINEP-16202 | HitmanPro.Alert | Resolved an issue with ROP detections in Chrome and streaming media. |
| WINEP-15832 | HitmanPro.Alert | Resolved an issue when installing Sophos Central Web Gateway. |
See knowledge base article 124988 for a full list of known issues with Sophos Central Server Intercept X .
This version of Sophos Central Server Intercept X is supported on Windows Server 2008 R2 and later operating systems. Versions of Windows targeted by Microsoft for non-business environments are not supported.
You can find technical support for Sophos products in any of these ways:
Copyright © 2022 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.
Sophos and Sophos Anti-Virus are registered trademarks of Sophos Limited and Sophos Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.