Wednesday, September 19, 2012

Sophos on a Rollercoaster




It appears that Sophos pushed out an update that has caused it to see software updaters (including its own) as malware infections.  This could be a wild ride – as thousands of computers world-wide are popping up warnings that they are infected and sending users into a panic. Network administrators are busy answering phones and trying to calm down users, while not able to get a line IN to Sophos, as all their lines are swamped.




http://community.sophos.com/t5/Sophos-Endpoint-Protection/Is-any-one-else-seing-this-alert/td-p/29723

So – the suggested temporary fix is to disable on-access scanning. REALLY? 

Hopefully they’ll get us a fix soon!

UPDATE!

Sophos has removed the offending update from their servers, so those machines that hadn't already picked it up won't. However... if you have an enterprise system, the file needs to be removed from your update server. The following instruction was posted on the Sophos forum:

Your Sophos Update Manager would download javab-jd.ide from our databanks. If you haven't already, please try running an Update Now on your Sophos Update Manager.

 If the update fails, please try deleting agen-xuv.ide from yourSUM servers program files\sophos\sophos anti-virus directory and restarting savservice. that should get your SUM to update again.

09/20/12 Update:

More information can be found on the Sophos Naked Security blog here: http://nakedsecurity.sophos.com/2012/09/19/sshupdater-b-fsophos-anti-virus-products/



Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)