cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2180
Views
0
Helpful
1
Replies

Sophos issue

exMSW4319
Level 3
Level 3

Those using Sophos End-Point Protection should be aware that last night (19/9/12 20:22 BST?) Sophos inadvertently sent out an IDE update that causes false positive virus detection. More worryingly the FP stops Sophos's own update mechanism from downloading further updates. For full details see:

http://nakedsecurity.sophos.com/2012/09/19/sshupdater-b-fsophos-anti-virus-products/

http://www.sophos.com/en-us/support/knowledgebase/118311.aspx

Now this may be of concern to us because Sophos is also available as an anti-virus option Asyncos. I've checked our C160 and it says that our last IDE update was at 07:15 GMT this morning. As this is after the problem date it suggests that Ayncos will not be affected by the problem (which is to be expected) but can this be confirmed?

1 Reply 1

Bob Fayne
Level 1
Level 1

If someone were to email a file that ended up with a false positive, it might affect that message.

That issue does not affect the Ironport appliance since sophos only scans messages and does not scan the local file system. There is no need to scan the local ironport file system for viruses since messages are only transferred from place to place but attachments or other code are never executed.