Categories: SecurityWorkspace

Sophos Struggles To Wake From False Positive Nightmare

UK-based anti-virus vendor Sophos has offered more advice and assistance to customers, following a major snafu that caused carnage and rendered some of its software unusable.

Last week, Sophos AV on Windows machines started perceiving its own updates and certain anti-malware files as threats, placing them in quarantine or deleting them altogether. In many cases, that caused the AV to fail. It also led to other non-Sophos files being detected as malware, causing problems for some businesses, according to reports.

One customer said their Sage accounting software had been taken out, with payroll hit as a result. They complained that Sophos’ fixes did nothing to help remediate issues with affected programs and warned that “the knock on effect for other applications could be huge.”

Time to get positive

Since false positive issues like this are usually addressed with an update, it was particularly tricky to fix the problem. An update was released, but Sophos has been issuing more advice, together with diagnostic and remediation tools for those still suffering. Head here for the latest from Sophos.

Towards the end of last week, Sophos admitted it had a backlog of calls, assuring customers that extra troops had been summoned to deal with the demand for support.

“The entire family of Sophos employees, partners, and customers has been dealing with a very challenging situation related to the Shh/Updater-B false positive issue. For any of you who have been affected by this incident, we sincerely apologise,” read a message from recently-appointed CEO Kris Hagerman.

“We have increased to maximum capacity our phone support centers in Abingdon (UK), Boston, Karlsruhe (Germany), Madrid, Milan, Paris, Sydney, Tokyo, Vancouver, Wiesbaden (Germany), and other cities around the globe. We have Sophos team members cancelling or rescheduling vacations, leaves of absence and other business activities to ensure we have mobilized every available resource to the task at hand.

“In our 25 year history, Sophos has never experienced an incident quite like this, and we are taking every effort to resolve this issue as fast as possible. Once we have made it past this critical stage of assisting our customers to get back to normal, we will then share our full and detailed explanation of the root cause analysis behind this incident and the steps we have implemented to prevent this in the future. Sophos owes this to you.”

False positives and dodgy updates have caused plenty of headaches for IT teams in recent months. Late last year, Microsoft Security Essentials started detecting the Chrome executable file for Windows as a component of the Zeus Trojan.

In July, a Symantec Endpoint Protection 12.1 and Norton antivirus update caused PCs to crash, whilst a McAfee update stopped users accessing the Internet.

How well do you know Internet security? Try our quiz and find out!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Apple Sales Rise 6 Percent After Early iPhone 16 Demand

Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…

19 hours ago

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

20 hours ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

21 hours ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago