Categories: SecurityWorkspace

Sophos Struggles To Wake From False Positive Nightmare

UK-based anti-virus vendor Sophos has offered more advice and assistance to customers, following a major snafu that caused carnage and rendered some of its software unusable.

Last week, Sophos AV on Windows machines started perceiving its own updates and certain anti-malware files as threats, placing them in quarantine or deleting them altogether. In many cases, that caused the AV to fail. It also led to other non-Sophos files being detected as malware, causing problems for some businesses, according to reports.

One customer said their Sage accounting software had been taken out, with payroll hit as a result. They complained that Sophos’ fixes did nothing to help remediate issues with affected programs and warned that “the knock on effect for other applications could be huge.”

Time to get positive

Since false positive issues like this are usually addressed with an update, it was particularly tricky to fix the problem. An update was released, but Sophos has been issuing more advice, together with diagnostic and remediation tools for those still suffering. Head here for the latest from Sophos.

Towards the end of last week, Sophos admitted it had a backlog of calls, assuring customers that extra troops had been summoned to deal with the demand for support.

“The entire family of Sophos employees, partners, and customers has been dealing with a very challenging situation related to the Shh/Updater-B false positive issue. For any of you who have been affected by this incident, we sincerely apologise,” read a message from recently-appointed CEO Kris Hagerman.

“We have increased to maximum capacity our phone support centers in Abingdon (UK), Boston, Karlsruhe (Germany), Madrid, Milan, Paris, Sydney, Tokyo, Vancouver, Wiesbaden (Germany), and other cities around the globe. We have Sophos team members cancelling or rescheduling vacations, leaves of absence and other business activities to ensure we have mobilized every available resource to the task at hand.

“In our 25 year history, Sophos has never experienced an incident quite like this, and we are taking every effort to resolve this issue as fast as possible. Once we have made it past this critical stage of assisting our customers to get back to normal, we will then share our full and detailed explanation of the root cause analysis behind this incident and the steps we have implemented to prevent this in the future. Sophos owes this to you.”

False positives and dodgy updates have caused plenty of headaches for IT teams in recent months. Late last year, Microsoft Security Essentials started detecting the Chrome executable file for Windows as a component of the Zeus Trojan.

In July, a Symantec Endpoint Protection 12.1 and Norton antivirus update caused PCs to crash, whilst a McAfee update stopped users accessing the Internet.

How well do you know Internet security? Try our quiz and find out!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Spyware Maker NSO Group Found Liable In US Court

Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…

3 days ago

Microsoft Diversifying 365 Copilot Away From OpenAI

Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…

3 days ago

Albania Bans TikTok For One Year After Stabbing

Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…

3 days ago

Foldable Shipments Slow In China Amidst Global Growth Pains

Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…

3 days ago

Google Proposes Remedies After Antitrust Defeat

Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal

3 days ago

Sega Considers Starting Own Game Subscription Service

Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…

3 days ago