iTnews
  • Home
  • News
  • Technology
  • Security

Sophos flags own update as malware

By Dan Raywood
Sep 24 2012 11:44AM
Follow google news

Anti-anti-virus?

Sophos has admitted that it suffered a false positive incident last week when its own anti-virus software began detecting an update as malware.

Sophos flags own update as malware

Numerous binaries were falsely detected as 'ssh/updater-B'.

“An identity released by SophosLabs for use with our Live Protection system is causing false positives against many binaries that have updating functionality,” Sophos wrote in a support document.

It moved to confirm that these were false positives and not a malware outbreak.

“If you have Live Protection enabled, you should stop seeing these detections eventually as the files are now marked ‘clean' in the Live Protection cloud. If you do not have Live Protection enabled you will stop seeing the new detections once javab-jd.ide has been downloaded by your endpoints.”

Users would see the file quarantined unless they have their on-access policy set to move or delete detections when clean-up was not possible.

“Please double check your SAV policy under clean-up; You want to ensure your secondary option (when clean-up is not available or does not work) is set to ‘deny access' and not delete or move. Once the detections have stopped, you can acknowledge the alerts in the console, this way you can see who is still reporting it, and confirm it is trending down,” it said.

However this has led to the Sophos Support Twitter page dealing with complaints and frustrated users. It also posted several messages informing that its "call centres are bottlenecked".

One reader on the Internet Storm Centre said the glitch affected other updater services including Adobe Flash, Oracle Java, Fujitsu AutoUpdater and Dell AutoUpdate Utilities.

“All of the auto-updaters mentioned above were deleted off hundreds of PCs. Now none of these applications will auto-update moving forward,” they wrote.

“Even though Sophos may have fixed the problem and fixed their own software, there is a monumental amount of work we have to do to clean up after this mess. I've worked in IT for 16 years and have never had a virus/Trojan/spyware/malware cause problems and disrupt our systems the way this did. Who can I trust anymore when even my security anti-virus vendor can wreak more havoc on our systems than a virus infection outbreak can?”

It followed a borked update of McAfee's anti-virus system which severed internet connections and disabled the client.

This article originally appeared at scmagazineuk.com

Add iTnews as your trusted source

Add iTnews As Your Trusted Source Add iTnews As Your Trusted Source
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, UK edition
Tags:
antivirusmalwaremcafeesecuritysophos

Related Articles

  • Apple bumps up security in fresh operating system releases Apple bumps up security in fresh operating system releases
  • Meta accuses NSO Group of violating court order by WhatsApp spear phishing Meta accuses NSO Group of violating court order by WhatsApp spear phishing
  • Researchers build self-replicating AI worm with BYO LLM Researchers build self-replicating AI worm with BYO LLM
  • Anthropic opens Claude Mythos Preview AI program to Australia Anthropic opens Claude Mythos Preview AI program to Australia
Join our WhatsApp Channel

Partner Content

Take control of your connectivity with Telstra’s Adaptive Networks Centre
Partner Content Take control of your connectivity with Telstra’s Adaptive Networks Centre
CommBank creates opportunities for technologists to upskill with frontier AI companies
Partner Content CommBank creates opportunities for technologists to upskill with frontier AI companies
Agile isn’t the problem: why projects still fail, and what’s missing
Partner Content Agile isn’t the problem: why projects still fail, and what’s missing
Why resilient communications are becoming critical infrastructure for modern enterprise IT
Promoted Content Why resilient communications are becoming critical infrastructure for modern enterprise IT

Sponsored Whitepapers

Agile in the AI Era: why projects still fail
Agile in the AI Era: why projects still fail
When Technology Becomes the Blocker: Unlocking Real Outcomes from AI and Cloud
When Technology Becomes the Blocker: Unlocking Real Outcomes from AI and Cloud
High-volume data sources for AI-driven security analytics
High-volume data sources for AI-driven security analytics
How healthcare organisations can get more value from cloud
How healthcare organisations can get more value from cloud
1 in 3 companies lose SaaS data. Here’s how to prevent it
1 in 3 companies lose SaaS data. Here’s how to prevent it

Events

  • iTnews State of Security Breakfast iTnews State of Security Breakfast
  • iTnews State of Data & AI Breakfast iTnews State of Data & AI Breakfast
  • The 2026 iAwards The 2026 iAwards
  • Integrate 2026 Integrate 2026
  • Security Exhibition & Conference Security Exhibition & Conference
Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Anthropic opens Claude Mythos Preview AI program to Australia

Anthropic opens Claude Mythos Preview AI program to Australia
Defence says Palantir is "sandboxed" in its environment

Defence says Palantir is "sandboxed" in its environment
Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases
Microsoft backs down on legal threats against 0day disclosing researchers

Microsoft backs down on legal threats against 0day disclosing researchers
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.