Sophos Anti-Virus: issues from false virus detection

& Fixes, Patches, and Updates.

Update 20 Sept 5:15pm: We have deployed a fix for the Sophos-quarantined files. While the fix installs you may receive a warning that your computer has been quarantined. Please disregard the message. The quarantine will be removed automatically when the install is complete.

Update 20 Sept 4:50pm: Sophos has released a script (available from a new post) that reverses the quarantine. We are deploying it to EMU-owned computers. Check back for a solution for non-EMU-owned computers.

Update 20 Sept 9:50am: Sophos has posted information about the problem though it is frequently unavailable as their servers struggle to handle demand. They are also fielding questions on Twitter.

Yesterday afternoon (Wed 19 Sep) Sophos Anti-Virus released an update that falsely identified many Windows programs as virus-infected. Sophos denied access to those files and moved them to quarantine. Worse still, one of the quarantined files was Sophos’ own updater.

Sophos is aware of the problem and is developing a fix. Information Systems will deploy that fix as quickly as possible.

-Ben.