Microsoft has released security updates that are impacting some security AV vendors, causing some of their customers using Windows 7, Windows 8.1, Windows 2008 R2, and Windows 2012 to occasionally experience system fails or hangs during boot up after application of the update.

A small number of customers have reported experiencing this issue. is working very closely with Microsoft to resolve the issue. Microsoft has introduced a temporary block to stop computers not already affected from applying the latest Windows security update. Additionally, we have a work around for those impacted customers.

How do I know if my customer is impacted?

To be impacted, customers must meet all the criteria below. If they do not meet all the criteria, then they are not impacted.

1. Running Windows 7, Windows 8.1, Windows 2008 R2, or Windows 2012

2. Running any Security Windows endpoint or server product except Sophos Central Intercept X. (Note: this does impact Intercept X Advanced and Intercept X Advanced with EDR.)

3. Have applied the latest Windows security update and have rebooted after the update is complete
Important note: If customers have not yet rebooted, they should uninstall the latest Microsoft security update before rebooting

As the majority of customers do not seem to be affected, it is possible that during the ongoing investigation additional criteria will be added to further limit the scope of impacted customers. KBA 133945 will continue to be updated with the latest information.

How do I help an impacted customer?

The latest information about this issue and remediation steps are documented in KBA 133945: