Sophos antivirus tools. Working Windows box. Latest Patch Tuesday fixes. Pick two: 'Puters knackered by bad combo

Unlucky Sophos antivirus users face a dilemma: either uninstall the software, or install April's Windows security fixes. That's because having both in place at the same time will bork their machines. On April 9, Microsoft rolled out its usual Patch Tuesday vulnerability patches for the month. Unfortunately, Sophos customers …

  1. dnicholas

    "You'll need to boot in safe mode, disable the Sophos code, uninstall the Windows patches, and then reboot and activate the security code again"

    How about just running the Sophos client removal tool?

    1. Anonymous Coward

      Assessing the risk I'd remove the April patch Tuesday updates...over letting users loose on a system with no AV....

      1. katrinab Silver badge

        Obviously you could replace it with Windows Defender.

    2. Jove Bronze badge

      That would be one approach if the affected systems were bootable.

      1. Alien8n

        Affected machines will boot into Safe Mode without issue, I had to fix 4 of our machines when this patch rolled out. Luckily Sophos were fairly quick to announce a "fix" for the issue so removing the patches wasn't too onerous.

    3. anothercynic Silver badge

      Ooooooeeerrr!

      Does CRT still exist??? Isn't that for removing *other* AV clients before you slap Sophos on?

      *smirks* *taps nose* If you know, you know...

  2. a_yank_lurker

    I thought...

    I thought the alpha testers (aka home users) were supposed to catch this. I think Slurp forgot that home users do not use enterprise grade security products, as in do not need them.

    1. Anonymous Coward

      Re: I thought...

      You're 100% correct on saying home users don't use enterprise grade security products... but I'd disagree about not needing them.

      Here is a true Tale From The Crypt for you - in my household we have a dozen PCs/Laptops, and family members are reckless. When I ask the wife why she installed X (malware laced download), she said "well it's my personal laptop, it doesn't affect anybody else does it?" - This woman is a professional, quite high up in a well respected regulator!

      So the day that centrally managed enterprise grade security solutions become affordable, I will jump with joy! Til then, I use Sophos Central..

      It honestly has nothing to do with my home-lab SOC, where I run Palo Alto Firewall, Full 802.1x authentication and Splunk, no sir, it has nothing to do with this

      1. Anonymous Coward

        Re: I thought...

        "quite high up in a well respected regulator" is all you needed to say ;-)

  3. jake Silver badge

    Out o'curiosity ...

    ... remind me again why, exactly, people still purchase anything from Redmond? Do they expect it to suddenly get better? Or are they gluttons for punishment? It's clearly not because MS offers a decent product that works as it says on the tin. Or maybe it's a faith thing; all hail the mighty Windows and death to the infidels!

    At this point, what corporation in its right mind would actually spec Windows for any desktop? It is obviously not fit for purpose. Unless all the companies saddled with it were formed partially to put money in Redmond's pocket, that is ... has anybody talked to their shareholders about that?

    1. Anonymous Coward
      Thumb Down

      Re: Out o'curiosity ...

      Want to give me close to a million dollars to replace my tools here? Hell, one of them is $175,000 alone. Oh, and that's assuming that such a tool exists running on another OS. Essentially, you are asking people to give up bunches of money when something they have, software package, runs on a particular OS for which they will then have to invest time, and for good packages money, to replace even (especially!) on Linux.

      I'm the canary in the coal mine on this issue. And, by the way, when qualifying a customer as to what they will require (as in requirements, recognize that?), I ask budget, needs, wants. Then I rattle off the hardware, software, and finally OS. I don't give two shits for it being Microsoft as I'm rather famous for directing people elsewhere. I've got dozens of operating systems here. Tools are what drive what is used on what.

      1. Anonymous Coward

        Re: Out o'curiosity ...

        So, unless you have specialized needs (the tools you mention), you don't need specialized problems, right?

        So - in the general case - you say you agree with Jake that Windows is a massive boat anchor of glued together corroding unholy hand grenades. And that in the vast majority of situations Windows is *not* a comfortable fit up the corporate backend.

        Sympathies on your marketplace, and I hope your costing has an appropriate multiplier if the customer requirements includes active fault lines.

        1. ds6 Silver badge
          IT Angle

          Re: Out o'curiosity ...

          Don't forget: many of our jobs wouldn't exist if Windows didn't create as many/more problems as/than it solves. If everyone designed competent *nix-based workstations with tons of R&D to make sure they work the first time and all times after that–and then have the talent to actually follow up on that promise, then internal technicians wouldn't have anything to do but training and answering calls. As much as I hate the dumpsterfire that is Windows, it pays the bills to cull that fire every now and again, maybe sprinkle in a little incense.

          1. dajames

            Re: Out o'curiosity ...

            > many of our jobs wouldn't exist if Windows didn't create as many/more problems as/than it solves.

            Maybe ... but wouldn't it be great to have a job that wasn't just about wiping Windows's arse and clearing up the mess it's made, but was actually developing something new to make people's lives easier and better.

            I don't mean to suggest that cleaning up after Windows doesn't make life easier (and maybe even better) for the users, but it hardly provides job satisfaction for those who wield the digital mop and bucket.

            1. ds6 Silver badge

              Re: Out o'curiosity ...

              Never said it was satisfying. It isn't. Full stop.

              That's how the market works right now.

          2. rcxb Silver badge

            Re: Out o'curiosity ...

            > As much as I hate the dumpsterfire that is Windows, it pays the bills to cull that fire every now and again

            If you have twice as many problems, and need twice as many warm bodies to babysit the misbehaving software, you can only charge half as much for their time. A world without Windows would be a world with fewer PC Techs, but they would be far better-paid. Hopefully it's the mediocre ones that choose to switch careers...

        2. dnicholas

          Re: Out o'curiosity ...

          Windows keeps a roof over my head. If it were outlawed tomorrow and every business HAD to run Linux, I'd be living in a mansion next week

        3. Anonymous Coward

          Re: Out o'curiosity ...

          It's not a case of Windows, Linux or for that matter, even AmigaOS... it's a case of choose the right tool for the job, if it's only available for Windows, then so be it!

          Playing devil's advocate, as a former IT Manager responsible for a sizeable estate consisting of both Windows and Linux... Whilst the Linux environment was far more stable, the Windows environment was far easier to manage, then taking into account it also has a much larger pool of recruitable talent and a very larger (commercial) support network!

      2. Anonymous Coward

        @Jack - Re: Out o'curiosity ...

        I'm sure that million dollar stuff you mention will appease your suffering so you can keep on until the next MS abuse. You're not the canary in the coal mine, you're just plain masochist.

      3. rcxb Silver badge

        Re: Out o'curiosity ...

        It's not a question of asking people to replace what they've got. It's a matter of directing them to something else when it comes time to upgrade. People have the mistaken impression that what ran on Windows XP will run on Windows 10, when in truth it's just as likely to run properly on WINE under Linux as it is on Redmond's latest reboot of their burning platform, and several Linux desktop environments require LESS user retraining than Microsoft's ever changing desktop.

    2. a_yank_lurker

      Re: Out o'curiosity ...

      As far as whether to use Bloat in the future there are a few things to consider. One, what applications are used and are there suitable replacements for them on another OS. Another is how much custom code has been written that would need to be rewritten in a new language. And how expensive would it be to retrain the staff who are largely just users not nerds. Primarily computers are tools to get a job done and you use the tools available and if those tools pin you to an OS you are stuck. Some companies have a lot of custom code written that would be a royal pain to rewrite and revalidate to switch OSes. Doable but not cheap and somewhat to very risky. Most users are not nerds and do not really know how a computer works so switching the software and OS will involve some retraining and loss of efficiency while they learn the new stuff. Even if the training time is relatively minimal per person, it is still time lost and money spent on the staff.

      Each situation must be evaluated on its own and while many can easily ditch Bloat not all can.

      Slurp looks to be trying to ditch home users and focus on enterprise users. Fewer but much more lucrative customers who will buy more than just a box and Orifice. Plus enterprises like subscriptions for accounting purpose and cash flow while home users are the opposite.

    3. Christopher Rogers

      Re: Out o'curiosity ...

      In what way is Windows not fit for purpose? For me Linux won't be fit for purpose because many of our daily use applications will not run on it.

    4. Jove Bronze badge

      Re: Out o'curiosity ...

      Partly because those that have speced purchasing decisions typically get freebies from the Sales teams - it is not an even playing field, though these days Corporate standards are a little tighter.

      Most of those being affected in this wave of shoddy workmanship are on older kit and builds, and may well have decided to move to other platforms as part of the replacement planning.

    5. Alan Bourke

      Re: Out o'curiosity ...

      "remind me again why, exactly, people still purchase anything from Redmond? Do they expect it to suddenly get better? "

      Seriously? Have you ever been in a corporate environment?

      Windows, by and large, works very well. Otherwise it would be dead a long time ago.

      "At this point, what corporation in its right mind would actually spec Windows for any desktop? "

      Any corporation that needs to run the actual real-world software required to do business in the modern world, i.e. all of them.

      Get a clue.

    6. Anonymous Coward

      Re: Out o'curiosity ...

      because the Domain, account permissions, restrictions are manageable in MS - something that if another company really worked hard at could replace, but nobody has. Most of us would gladly jump to a proven product that can do corporate networks as well or better.

  4. Lorribot

    Sophos is available for home use. However most home users that are likely to have bought are more than likely running Windows 10 not Windows 7 or Server 2008

    Other Security solutions have been affected, McAfee I believe is one

    MacOS in a working environment can be troublesome to support unless you go all in Apple everywhere, which is not possible for most companies, Linux is also difficult for LOB apps and also for support, ChromeOS web interface only solution would not work with most companies as it stands though may fit for 80% of users needs... but the training would kill a lot of companies and getting the right level of local access and central management.......

    The world needs a cutdown version of Windows that has all the fripperies removed, also all the legacy 8, 16 and 32 bit code it is what Windows 10 should have been. However I suspect it would be easier to start from scratch, not that Google did a particularly good job of that with Android, make some pretty basic design errors in its rush to get in to the market still they will have removed all the crap in 10 years time.

    1. Ken Hagan Gold badge

      "The world needs a cutdown version of Windows that has all the fripperies removed, also all the legacy 8, 16 and 32 bit code it is what Windows 10 should have been."

      Not clear whether you are suggesting that the legacy code should or should not be removed, but it is the only reason why most people run Windows. I can't think of a single Win10 feature that nearly all users could not live without.

      What the world needs is an easy way to run Win7 (for the apps) in a VM on top of Linux (for the modern hardware support, email client, browsing, and increasingly large numbers of general purpose apps). The technology exists, we need an easy way for non-IT types to get it up and running, bearing in mind that most home users and small businesses have no IT support at all.

      1. Timmy B

        "an easy way for non-IT types to get it up and running" and that is the issue. There simply isn't a Linux version out there that is easy for non-IT types to get up and running. Let alone use.

        Perhaps a distro could get a bank of people in their twilight years with little experience of PC use and get them to do a few of the things they would need to do (plug in a new printer, connect to wifi, configure an email client to send) some things that are fairly easy on a windows pc (compare configuring windows mail to configuring thunderbird).

        1. Warm Braw

          > There simply isn't a Linux version out there that is easy for non-IT types to get up and running. Let alone use

          I have to agree with this. My laptop is currently running Linux Mint, but I regularly have to call up a text console to kill the mintmenu process when the cursor freezes in the GUI - as it has done as I compose this. I'm now on my third e-mail client as the others exhibited strange bugs interacting with the IMAP servers that Windows-based clients have no problem with. I've wrestled endlessly in the past with TV cards of various sorts which might just happen to work if your distro has compiled in the right drivers, but usually means a kernel build. Windows 10 is sufficiently execrable that I put up with this as it's the only real alternative on this particular hardware, but it's not something I'd expect the average user to do.

          For the heavy lifting, though, I usually go back to Windows 7 in a VM.

          1. AMBxx Silver badge

            I have Mint running quite happily on one laptop. Setting up was crap - first a warning that Chrome was out of date, but the link to update took me to something that Mint wouldn't install. Went for Firefox, but the OS wasn't detected, so just had to guess.

            As a server OS, Linux is great. For clients, still years away.

            1. Anonymous Coward

              @AMBxx - What are you talking about exactly ?

              I've installed many Linux distributions (including Mint) for more than a decade and Firefox was always there by default. You're trying to set it up on what ?

            2. Anonymous Coward

              yer doing it wrong AMBXX, assuming that you are telling the truth. What you're describing doesn't fit with the way that Linux does software upgrades (hint - security fixes from the built-in update installer - new software from the repository manager) - and I'm just a user, I'm not at the giddy heights of technical savvy that most here are.

              Linux has been perfectly fit for general users for many years - and I have helped quite a few others over the years, some even older than me (now in my 60's) get set up with it (ie: give them an install disk. Most didn't need any further help, but I stood by just in case). Every one of them happy to be free of the problems they had with Windows.

          2. Anonymous Coward

            @Warm Braw

            I've had the occasional with Linux Mint too. I distro hopped for years and found MX Linux, which for my very simple home usage purposes at least, is the best distro I've found so far. Have you tried MX Linux? Right now I'm running Fedora in VirtualBox as I'm working my way through the Linux Bible. I'm sure you and most of the readers here wouldn't require them but MX Linux has a great Forum and they put together excellent Video "How tos".

        2. MJI Silver badge

          Windows mail and Thunderbird

          Yes gave up and used Thunderbird, much easier.

          Has menus for a start.

        3. Barry Rueger

          > There simply isn't a Linux version out there that is easy for non-IT types to get up and running. Let alone use

          Nonsense. I can stick a Mint USB into pretty much any regular PC and have it installed and running in less than twenty minutes. Yes, I've timed it.

          Thereafter I'll run the updater from time to time, but otherwise do nothing. It will happily run for months without a reboot, or a problem.

          And out of the box it includes pretty much every application that an average person needs.

          Enough with the FUD.

    2. veti Silver badge

      Since time immemorial, people have been saying "what the world needs is a cut down version of $SOFTWARE without all the cruft". Lots of them have developed and published such software.

      None of those people got rich.

      Joel Spolsky has an excellent post about why this is. Googling "the 80/20 myth" should find it. Long story short, no two people will agree on precisely which 80% of features they don't want.

    3. Anonymous Coward

      "MacOS in a working environment can be troublesome to support unless you go all in Apple everywhere"

      Check out JASC management tools for Mac's - compare them to SCCM.

      Cry when you realise you're stuck with Windows and SCCM.

    4. phuzz Silver badge

      "The world needs a cutdown version of Windows that has all the fripperies removed, also all the legacy 8, 16 and 32 bit code it is what Windows 10 should have been."

      That's pretty much what Windows RT (aka Windows on ARM) was going to be, and Win 10 IoT is sort of supposed to be.

      The problem is though, people buy Windows to run Windows programs, and if you take away the ability to do that, then nobody will buy that version of Windows. Every time Microsoft try and wipe the slate clean, everyone complains and they give up and just add yet another windowing system in.

    5. Lee D Silver badge

      Sophos Enterprise Console is in every LGfL (and many other similar networks across the UK) school, as it's given away free, who often (stupidly) have automatic updates just set to roll out without any control.

      The people who work in that industry and have for years been saying to me "Yes, but why don't you just push out all the updates immediately" have had their answer several times over, and just got it again.

      That's a massive, stupid boo-boo, that's very difficult to revert in any automated fashion whatsoever, across thousands of organisations running thousands of machines each.

      I refuse to be a Microsoft beta tester, so WSUS is the first thing I install when setting up a new network.

      1. Persona Silver badge

        "I refuse to be a Microsoft beta tester ……."

        Which is a fine decision for you, but a poor call for Sophos who would have received prior notification of the updates.

        1. Anonymous Coward

          You say that, but last week it was AVAST installs that got clobbered by this update.

          Please change "would have" to "should have", because I suspect neither of them got advanced warning.

  5. Anonymous South African Coward Bronze badge

    Makes more for a compelling reason to ditch Slurp/Bloat/Micro$oft and go for alternatives.

    1. Timmy B

      Or ditch terrible AV software and go for alternatives.

    2. Anonymous Coward

      Did that years ago. Not yet had an outage..

  6. jrd

    Well, I'm baffled. I run Windows 7 and Sophos Endpoint on my home PC and I haven't experienced any problems (I rebooted yesterday because I hadn't heard about this problem). Maybe I missed an update somehow?

    1. Robert42

      I too run Windows 7 and Sophos

      I too run Windows 7 Pro with Sophos endpoint on 2 desktops at home and am not seeing any problems. Perhaps it's down to the Motherboard/cpu generation combination. The desktops are Asus z87s and Intel 4770K's

      1. Stuart 22

        Re: I too run Windows 7 and Sophos

        BTW what's your plan for January 15th?

        1. Anonymous Coward

          Re: I too run Windows 7 and Sophos

          I don't know about the person you asked the question of - but I will carry on as normal - just as I did when MicroGit ended support for XP - which I ran on one netbook until late last year.

        2. Robert42

          Re: I too run Windows 7 and Sophos

          At the moment I am hoping M$ will extend W7 like they did with XP. I did do the downgrade to W10 and made a disk image which I update after patch Tuesday, so if forced I will have to restore W10 - under protest.

  7. Huw D

    It's not exactly consistent...

    Client environment - 50 devices and 14 servers. Windows patched via WSUS, Sophos centrally managed.

    Number of devices that had the problem? 2 - and there appears to be no rhyme nor reason why it only affected those 2.

  8. jeremylloyd

    Why assume it's Microsoft's fault?

    Why oh why assume this is Microsoft's fault? 3rd party A/V products are renowned for using private API's and non-standard hooks. Is it any wonder things break when Windows updates are made? Is it Microsoft's responsibility to test their product with every single A/V product (and the many versions thereof) before patches are released? That's not really practical if you want to get updates out of the door.

    1. Santa from Exeter

      Re: Why assume it's Microsoft's fault?

      I'll give you the benefit of the doubt that you posted this before the update but in TFA it states -

      > A change Microsoft made to its operating system's Client Server Runtime Subsystem (CSRSS) causes deadlocks during start up, we're told.

      So, yes, it *is* Microsoft's fault

      1. Loyal Commenter Silver badge

        Re: Why assume it's Microsoft's fault?

        My money is on that change being a change to the order in which it does things. An order which no doubt was not documented, but AV vendors took it upon themselves to assume would not change. Whose fault is it? You decide.

      2. Reg Reader 1
        Joke

        Re: Why assume it's Microsoft's fault?

        @Santa from Exeter

        Did Microsoft incorporate SystemD when they created Win 10?

        1. jake Silver badge

          Re: Why assume it's Microsoft's fault?

          Other way around, Reg Reader 1. systemd is an attempt at replicating Windows' lack of functionality.

    2. phuzz Silver badge

      Re: Why assume it's Microsoft's fault?

      My first thought was "Ah, Sophos. There's your problem.".

      I've used their enterprise version before and it was a complete shitshow, somehow I doubt it's much better these days.

      1. anothercynic Silver badge

        Re: Why assume it's Microsoft's fault?

        Ouch!

  9. Jove Bronze badge

    Third-Party software

    There is a broader problem with the most recent patch releases - there are clashes with other third-party packages such as Symantec AV and AMD Display drivers.

    All rather convenient as far as Microsoft is concerned, but given recent behaviour it is just the right incentive to move to alternate platforms.

  10. druck Silver badge
    Coat

    What's new?

    McAfee said users may experience "slow boot times and performance after installing Microsoft Windows April 2019 updates on a system with Endpoint Security."

    What's new?

  11. Ramis101
    FAIL

    Roll-up Previews....

    I thought roll-up previews were supposed to mitigate this sort of shit. Surely this should have been detected by enterprises a month before the rest of us get it foisted upon us..... or are enterprises not bothering to test Wupdates before giving their WSUS the green light?

  12. Anonymous Coward
    Boffin

    I think I know what is going on.

    Look back through the various versions of Windows, and you will realise that by this time after a release, MicroGit would usually have released a NEW version of Windows, and be deliberately buggering up the old version to "encourage" users to pay for the new - supposedly more stable software.

    However they have been stuck on Win10 in a Groundhog day scenario, changing the build number, but not the actual name........

    and forgotten to tell the special team tasked with issuing bad updates to the "old" version.

    No, I am not joking.

  13. Anonymous South African Coward Bronze badge

    Bring back the Speccy, Commodore and TRS-80

    Malware infection? Just reboot, and poof! it's gone.

  14. Long John Silver
    Pirate

    Software becoming too convoluted for reliable maintenance?

    It was an exciting time when electronic computation began its transition from being exclusively a task for mainframe and mini-computers into a utility, almost as vital as electricity itself, and present in nearly every home and office. Microsoft was among many small companies springing up at that time. It turned out to be one of several winners emerging from market competition; most outright business failures (hardware and software vending) resulted not so much from technological deficiencies of products on offer as them arising in the wrong place and time. Numerous small companies didn't collapse but lost their identity through being gobbled up by others keen to develop nascent technology. The result of all this being fewer major market players and some becoming monolithic. In traditional production of goods and services greater size may be accompanied by economies of scale. This seems not so in the case of software development. In fact, two types of 'bigness' need distinguishing between: company size, and software complexity. Interaction between the two may lead to adverse effects rather than synergy.

    Microsoft would be a suitable case-study for someone wishing to develop with rigour this thesis. Understanding how huge corporate size and complexity can lead to deleterious effects is the province of management theorists; however, little trust is owed to management school academics proclaiming the sole intent of good management is profit maximisation. Complexity of software relates not only to increasing ambition for what it can do but also to how Microsoft Windows, its office suites and similar large packages from other vendors, accrete rather than being redesigned each time innovation is added: a 'legacy' of now avoidable inefficiencies, and outmoded ways of doing things, must make fitting in each additional feature ever more difficult, possibly perilous to company reputation and well being.

    Studying the combined effects of corporate size/reach and complexity of software products being developed may give scholars many happy hours. Yet, perhaps others should plough fresh ground by adopting a minimalist approach to operating systems and office suites. A move toward robust fail-safe components with optional add-in features rather than 'all-singing and all-dancing' behemoths; after all, that is consistent with structures offered by modern programming languages.

  15. Doctor Evil

    Preventing the update from installing (if not yet installed) ...

    ... should be easy: plug in an external drive.

  16. Anonymous Coward

    Avira

    I had the same exact problem last week using Avira, so I think it’s affected too, at least to some extent.

    I switched to BitDefender and that seems ok...

  17. Jove Bronze badge

    WARNING- Data loss

    Some users are reporting data loss while using Explorer to move files - there are accounts of files no longer appearing in the source or target folders after the move appeared to have been completed. These reports have been coming in since the patches were applied but there is no confirmed direct connection as of yet.
