In association with heise online

20 September 2012, 16:10

Sophos Anti-Virus suspects itself and others

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Sophos logo A faulty signature update is making the Sophos anti-virus engine think that a lot of innocuous files are actually viruses. Sophos says that applications with built-in update mechanisms are being hit the hardest. On the company's customer forum, a thread regarding the problem is now up to 75 pages at the time of writing, and includes a number of examples, including the update agents for Java, as well as Adobe Flash and Reader. Sophos' engine even suspects its own update service, with the update tools being marked as Shh/Updater-B.

Particularly annoying is that the files falsely believed to be malicious are automatically put into quarantine – or, depending on the individual configuration, perhaps even immediately deleted. Sophos says that the bug has already been fixed, with users who have Live Detection activated noticing the change immediately. All other users will see an end to the problem once the program has downloaded the current version of the javab-jd.ide signature file from the Sophos server – assuming, of course, that the Sophos updater is still working.

If that is not the case, users must follow the instructions on the Sophos site; one step is putting the Sophos directories on their whitelist so the program no longer stands in the way of its own updater.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit