Sophos – Advisory: SafeGuard File Encryption Engine – build 29 withdrawn
Sophos has discovered a bug in the latest version of the SafeGuard File Encryption Engine, build 29, related to the use of byte-range locks on encrypted files located on network shares.
Due to the severity of the issue, the update has been withdrawn.
This issue was introduced in build 29 (filter driver version 220.127.116.11) and does not exist in previous versions.
Applies to the following Sophos product(s) and version(s)
SafeGuard Data Exchange 8.1
SafeGuard File Encryption 8.1
SafeGuard Synchronized Encryption 8.1
SafeGuard File Encryption 8.2
SafeGuard Synchronized Encryption 8.2
SafeGuard Data Exchange 8.2
- Certain applications might not be able to open encrypted files on network shares.
The issue has been identified and we´re working on a fix for this problem. We plan to provide a new version of the File Encryption Engine in November 2019.
What to do
Sophos recommends to use File Encryption Engine build 28 instead of File Encryption Engine build 29 for the time being .
On endpoints on which File Encryption Engine build 29 has been installed, it should be uninstalled. This will automatically switch back to the File Encryption Engine which was installed before e.g. to build 28 if that was the previously installed version. If no File Encryption Engine build was installed, it will fall back to the driver version included in the corresponding SafeGuard Client version.
The update can be uninstalled in the Installed Updates section under Programs and Features.
An installation of File Encryption Engine build 28 is recommended, if no File Encryption Engine update or an older version was installed before. In this case the reboot after the uninstallation can be postponed until after the installation of File Encryption Engine build 28.
As soon as a new version of the File Encryption Engine is available this knowledge base article will be updated accordingly.
This KB article has been revised for clarity.