Sophos Support has had reports of Apple Mac OS systems where web browsing stops while Sophos is installed. It appears that the SophosWebIntelligence service is getting stuck while connecting to the logging interface, which causes the service to hang.
This will be corrected in version 9.9.6
Applies to the following Sophos product(s) and version(s)
Central Mac Endpoint 9.9.4
Central Mac Endpoint 9.9.3
Sophos Anti-Virus for Mac OS X 9.9.5
Central Mac Endpoint 9.9.5
When this issue occurs, no web browsing is possible. The trigger for the issue is intermittent. Some calls to an Apple interface do not respond according to spec, resulting in the service hanging.
Development is investigating with high priority as ticket MACEP-4493.
Update: October 9, 2019 – Development has a build which is undergoing testing for positive confirmation that it resolves the issue. Any customer experiencing this issue that wishes to test this build should contact Support and open a ticket. Note: The build can only be applied to all Macs on an account, not individually.
Update: October 28, 2019 – Development has tested a fix, both internally and with customers. During this time, the issue no longer occurred. As such, we are confident that the changes included in this fix are successful at correcting the issue. These changes will be incorporated into the release version 9.9.6, which we will be rolling out to Central customers around the end of November / beginning of December.
As a workaround, we have made a modified version of 9.9.4 available until 9.9.6 is released. Any customers who want this will need to contact support, and it will be applied to all Macs for the customer. Please note that going on this special, you will not get the 9.9.5 release (Mid-November), and be placed in the first group for the 9.9.6 release. The 9.9.5 release contains two major changes, Sophos’ new Managed Threat Response (MTR) protection for Mac (https://www.sophos.com/en-us/products/managed-threat-response.aspx), and a pop-up notification for any permissions issues on Mac OS 10.15 Catalina. 9.9.6 will include everything in 9.9.5 when it releases.
To determine if you have the special build:
- Open the Sophos Endpoint GUI
- Option+Click on About (lower right)
- The version displayed will be 9.9.4 (217546) if you are on the special build.
To confirm you are impacted by this issue, run a Sophos Diagnostic (found in the About menu) and then SDU. This will place a file on the desktop. In this file, under SophosDiagnostics, open SophosDiagonostics.1.gz, then the file SophosDiagnostics.1 within it.
If you find many lines saying “[SophosWebIntelligence” in this log during the time of the issue, then it is NOT this problem. This issue is indicated by the lack of SophosWebIntelligence log lines when attempting to browse.
Please contact Sophos Support so we can track impacted customers and alert them to any updates.
Please contact Sophos support if you wish to get moved to the 9.9.4 special release with the fix, until 9.9.6 is released.
This article will be updated when information becomes available
If you’ve spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.
This is invaluable to us to ensure that we continually strive to give our customers the best information possible.