Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 44 replies
  • Subscribers 1 subscriber
  • Views 145744 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SHH/Updater-B Fiasco Recovery Steps

chavez243

Just thought a thread for just the recovery steps would be helpful as I'm sure this is a big mess for many of my IT brethren who will be burning the midnight oil on the cleanup.

Perhaps a Sophos engineer could chime in on:

- what to do about "Software Delivery failed" in Update Manager

- what to do about ALsvc.exe and ALUpdate.exe being detected / quarantined

- other steps?

:30335


This thread was automatically locked due to age.
Parents
  • 0

    The instructions provided thus far to remediate this debacle are clearly incomplete. I've replaced the offending IDE, restarted the service, disabled the On-Access Scan, and forced all clients to update and comply with the group policy - but I'm still finding quite a few affected machines (including the client running on the Enterprise Server).

    The number of erroneously tagged files has dropped - but not by more than about 40%. And of the files that were released - they were ALL Sophos related files. So the files that were nixed that belong to Adobe, Java, and a zillion other apps with use an updater - Well... I'm still in the can on those. Nicely done.

    SOPHOS - You need to look at the last released fix - it did not perform as advertised. Let's try this again...wash-rinse-repeat.

    [sigh] I'm gonna become a florist. How hard can it be to sell flowers? :^\

    :31017
Reply
  • 0

    The instructions provided thus far to remediate this debacle are clearly incomplete. I've replaced the offending IDE, restarted the service, disabled the On-Access Scan, and forced all clients to update and comply with the group policy - but I'm still finding quite a few affected machines (including the client running on the Enterprise Server).

    The number of erroneously tagged files has dropped - but not by more than about 40%. And of the files that were released - they were ALL Sophos related files. So the files that were nixed that belong to Adobe, Java, and a zillion other apps with use an updater - Well... I'm still in the can on those. Nicely done.

    SOPHOS - You need to look at the last released fix - it did not perform as advertised. Let's try this again...wash-rinse-repeat.

    [sigh] I'm gonna become a florist. How hard can it be to sell flowers? :^\

    :31017
Children
No Data