Sophos admits bad update slamming its anti-virus software customers

Security firm Sophos today apologized for wreaking havoc in its customers' networks after a faulty update to its anti-virus software yesterday caused false positives for certain malware to occur on Windows-based computers.

McAfee brings anti-virus support to VMware's vShield

"We would like to apologize for all the disruption caused to our many customers worldwide," Sophos said in a statement today. "We recognize the issue is very serious, and are doing everything we can to resolve it." Sophos says in its critical advisory that it thinks the problem was caused by a release from SophosLab for use with its Live Protection system.

Although Sophos issued a corrective update, the security firm said today it's conducting a "full investigation" to determine how this all happened and to ensure it doesn't happen again, and expects to provide more information shortly about the issue. In its advisory, Sophos notes that "symptoms" of the effects of the faulty update on customer endpoints would include a number of things, such as:

- Any virus detections of the malware 'Shh'

- Sophos Autoupdate not updating correctly

Sophos added that other product update mechanisms may not be functioning correctly as well, and visually it may appear that the "Sophos Shield may disappear."

Another impact would be that the console for the Sophos anti-virus software may be issuing reports on malware called Shh/Update-B. But this represents a false positive and is not an actual outbreak, Sophos states.

Sophos was not immediately available to say how many customers were impacted by the faulty update, but there was considerable discussion about the problem among customers online on the SophosTalk online network.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com.

Read more about wide area network in Network World's Wide Area Network section.

Join the Computerworld Australia group on Linkedin. The group is open to IT Directors, IT Managers, Infrastructure Managers, Network Managers, Security Managers, Communications Managers.

Comments are now closed.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers

Sorting the security standards

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Sign up now to get free exclusive access to reports, research and invitation only events.

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia