Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 44 replies
  • Subscribers 1 subscriber
  • Views 145744 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SHH/Updater-B Fiasco Recovery Steps

chavez243

Just thought a thread for just the recovery steps would be helpful as I'm sure this is a big mess for many of my IT brethren who will be burning the midnight oil on the cleanup.

Perhaps a Sophos engineer could chime in on:

- what to do about "Software Delivery failed" in Update Manager

- what to do about ALsvc.exe and ALUpdate.exe being detected / quarantined

- other steps?

:30335


This thread was automatically locked due to age.
Parents
  • 0

    Hello.

    Yes I am having problems with this also!!

    When I am going through the Endpoints unable to update process, I am getting stuck at option number 2. I am not sure what this means. Probably something very obvious, but can not find where to 'Select Groups' and 'Update Now' in the SEC. See below for what the instructions are.

    Can some please explain me this in a llittle more detail?

    Thanks,

    Dean

    If you have endpoints that are unable to update due to the false positive issue the following steps can be taken to get the fixed IDE to them:

    1. Centrally disable On-Access scanning via policy in SEC
    2. Select Groups in SEC and select 'Update Now'
    3. Once a group has updated re-enable On-Access scanning via policy in SEC
    :31069
Reply
  • 0

    Hello.

    Yes I am having problems with this also!!

    When I am going through the Endpoints unable to update process, I am getting stuck at option number 2. I am not sure what this means. Probably something very obvious, but can not find where to 'Select Groups' and 'Update Now' in the SEC. See below for what the instructions are.

    Can some please explain me this in a llittle more detail?

    Thanks,

    Dean

    If you have endpoints that are unable to update due to the false positive issue the following steps can be taken to get the fixed IDE to them:

    1. Centrally disable On-Access scanning via policy in SEC
    2. Select Groups in SEC and select 'Update Now'
    3. Once a group has updated re-enable On-Access scanning via policy in SEC
    :31069
Children
No Data