Endpoint Security and Control: updated software components to facilitate new security certificates

Between 28 November and 11 December 2008, Sophos released packages containing software that recognizes our new security certificates. In order to minimize the risk of disruption to the Sophos AutoUpdate, Sophos Anti-Virus, Sophos Client Firewall and Sophos NAC functionality on your endpoint computers, you should ensure that you have installed the following updates, or newer ones, if you haven't already done so:

• Sophos Anti-Virus for Windows v7.6.2 VDL 4.36E
• Sophos Endpoint Security and Control 8.0 with SAV v7.6.2 VDL 4.36E
• Sophos Anti-Virus for Windows NT v4.7.17
• Sophos Anti-Virus for Windows 95/98/Me v4.7.17
• Sophos Anti-Virus for Mac OS X v4.9.17
• Sophos Anti-Virus for Linux (on-access) v6.4.4
• Sophos Anti-Virus for Solaris (Manageable) v7.0.4

Which files are changing?

Windows

• ps.crl: all updated packages have a new version of ps.crl that is 2,088 bytes, compared to the former size of 1,381
  
• Sophos AutoUpdate: all packages include the following file versions:
  alupdate.exe 5.6.20.176
  channelupdater.dll 1.2.11.176
  cidsync.dll 3.3.4.176
  instlmgr.dll 1.2.4.176
  retailer.dll 1.2.9.176
  
• Sophos Client Firewall: all updated packages contain the following file version:
  firewallconfiguration.dll 1.5.0.172
  
• Sophos NAC Agent: all updated packages contain version 3.1.452.0 of the following files:
  setup.dll
  sophos nac agent.msi
  common\postureagent\plugins\install\sophos nac posture plugin.dll
  program files\sophos\nac\agentapi.exe
  program files\sophos\nac\agnttray.exe
  program files\sophos\nac\cmpchk.exe
  program files\sophos\nac\rmsnacadapter.dll
  windows\system32\drivers\nacftr.sys
  sophos nac agent.msi 3.1.452.0

Mac OS X

/Library/Application Support/SophosAutoUpdate.app 1.0.19

Linux and UNIX

Please see Sophos Anti-Virus for Linux and UNIX: summary of changes to files between different versions for a list of files that have changed between version numbers and their checksums.

What will happen if I haven't updated my Sophos software?

Sophos AutoUpdate only

Updates from CIDs will stop working. There is no way to recover from this without reinstalling Sophos AutoUpdate.

Sophos AutoUpdate and Sophos Client Firewall and/or Sophos NAC for Endpoint Security and Control

As above, updates from CIDs will stop working. You will need to reinstall Sophos AutoUpdate in order to use the Sophos products.

Additionally, RMS will not be able to log on to the router on the Enterprise Console server, therefore, you will not be able to manage your endpoint computers from Enterprise Console. Computers that made an RMS connection to the Console before 16 January 2009, however, will remain connected.

Please note: You will still be able to deploy Sophos software to the affected computers.

Sophos Enterprise Console

You may see error [VE_BADCERT]:7 or [0x00000017] in Enterprise Console.

If you have not updated by 16 January 2009, and you are experiencing the problems described above, please see Endpoint Security and Control: fixing endpoint computers that use outdated security certificates for steps you can take to repair and update your systems.