Sophos Investigates Microsoft Reboot Failures Following Software Update

Sophos Investigates Microsoft Reboot Failures Following Software Update

Sophos is investigating user-reported issues of boot-up failures following a software update from April 9, 2019. 

Affecting Sophos Central users and systems running Windows 7, 8.1, 2008, 2008 R2, 2012 and 2012 R2, the security company has advised its Sophos Endpoint customers that Microsoft has “temporarily blocked devices from receiving this update” until a solution is available. The update was a security update that provided protections against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754), according to the Microsoft's Windows Support website

Sophos Central manages all Sophos products, including its Synchronized Security platform, which uses Security Heartbeat for endpoint protection. 

Spectre and Meltdown exploit vulnerabilities in the processor and can work on personal computers and mobile devices and in the cloud, according to a Graz Univeritsy of Technology report. Depending on the cloud provider's infrastructure, it might be possible to steal data from other customers, which makes it a real concern for businesses. 

“If you have not yet performed the update we recommend not doing so,” explained the Sophos website. “If you have performed the update but not yet rebooted we recommend removing the update prior to rebooting.

“In addition if you are using Windows Server Update Services (WSUS) or a third party patch provider to distribute your Windows updates we recommend removing the updates from your approved list or de-authorising the updates from being applied to your machines.”

This comes after Microsoft had to fix two zero-day patches only last week. 

Source: Information Security Magazine