If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(The Register)   Sophos release AV update that recognises itself as a virus, and any other update software. Bonus: It can't be undone remotely   (theregister.co.uk) divider line 33
    More: Dumbass, SOPHOS, campus network, A.V., false positives, quality assurance, malware, virus  
•       •       •

2194 clicks; posted to Geek » on 20 Sep 2012 at 10:58 AM (2 years ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



33 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread
 
2012-09-20 09:47:39 AM  
Yeah, we got hit by this. Fun stuff.
 
2012-09-20 11:02:21 AM  
It's annoying that AV solutions are such a necessity but introduce their own headaches in the process. I found Comodo to be a halfway decent free solution on Windows. However if you use Comodo for Mac and want to use Chrome, you'll find it grinds your browsing to a halt. I still haven't found a great solution for my Macbook Pro.
 
2012-09-20 11:24:33 AM  
Yes, we use Sophos here on the corporate network.

/I did not choose this product
 
2012-09-20 11:28:14 AM  
Uhg, I lost a bunch of updater files because I didn't see Sophos had updated and assumed they had somehow become infected. What's more is that I have the AV program through a school I don't attend anymore so I have zero documentation and zero chance for real tech support. Maybe a system restore will fix it?
 
2012-09-20 11:34:09 AM  
Who?
 
2012-09-20 11:46:16 AM  
Hah, I don't need AV software im behind 7 nortons
 
2012-09-20 12:18:49 PM  
Everyone makes mistakes -- it's how they respond that reveals their character.
 
2012-09-20 12:46:21 PM  
can someone port this over to symantec?
 
2012-09-20 12:57:32 PM  

the_rhino: Hah, I don't need AV software im behind 7 nortons


1. upload.wikimedia.org

2. upload.wikimedia.org

3. c580019.r19.cf2.rackcdn.com
 
2012-09-20 01:10:47 PM  
I'm sure the virus-writing community will have helpfully released a patch within a few hours.

(No, really, I am actually quite sure that something like that will happen.)
 
2012-09-20 01:14:38 PM  

Tremolo: Uhg, I lost a bunch of updater files because I didn't see Sophos had updated and assumed they had somehow become infected. What's more is that I have the AV program through a school I don't attend anymore so I have zero documentation and zero chance for real tech support. Maybe a system restore will fix it?


I'm in the same sitch. I downloaded this file from Sophos that had other files in it and I put it in a folder with other files that looked the same as those files. I have no clue whether or not that worked.
 
2012-09-20 01:15:25 PM  

InfrasonicTom: the_rhino: Hah, I don't need AV software im behind 7 nortons

1. [upload.wikimedia.org image 220x317]

2. [upload.wikimedia.org image 220x252]

3. [c580019.r19.cf2.rackcdn.com image 370x278]


"Norton! Norton, my friend! How would you like to fark me up the ass?"
 
2012-09-20 01:22:33 PM  

StopLurkListen: Everyone makes mistakes -- it's how they respond that reveals their character.


I'm not sure what they can do to make themselves look better. It's a pretty big screw-up.
 
2012-09-20 01:27:12 PM  

MightyPez: It's annoying that AV solutions are such a necessity but introduce their own headaches in the process. I found Comodo to be a halfway decent free solution on Windows. However if you use Comodo for Mac and want to use Chrome, you'll find it grinds your browsing to a halt. I still haven't found a great solution for my Macbook Pro.


Microsoft Security Essentials (also free) is surprisingly decent.
 
2012-09-20 01:29:56 PM  

GranoblasticMan: Microsoft Security Essentials (also free) is surprisingly decent.


This. I am pleasantly surprised with how well MSE works.
 
2012-09-20 01:33:38 PM  
We JUST bought this product. I have a scheduled implementation day for Monday. I have it installed on my own machine and a test machine.

It is STILL better than Symantec which we are replacing.
 
2012-09-20 01:44:52 PM  
Ah yes, Sophos - the bane of Samba shares. How I miss how some Windows users would complain about 15 minute log-ins due to your nefarious ways...
 
2012-09-20 02:07:55 PM  
Sophos disabled itself? You know, I thought everything seemed more responsive yesterday..
 
2012-09-20 02:16:53 PM  

Current Resident: GranoblasticMan: Microsoft Security Essentials (also free) is surprisingly decent.

This. I am pleasantly surprised with how well MSE works.


Yup, I love MSE. Install and forget. I changed, though, because it's had problems lately identifying certain driveby threats. In all fairness, they are malware and not viruses, but I like a little more robust protection.
 
2012-09-20 03:22:37 PM  
I like the Microsoft one too but from an enterprise level you need to use MS Forefront.

If you're using Sophos for your enterprise security at work you should shop around...geesh that's like using Trend Micro.

I find McAfee EPO to be the best enterprise level product. It's not cheap but the support is pretty good.
 
2012-09-20 03:34:49 PM  
Not ironic, but incredibly funny if you aren't affected by it.
 
2012-09-20 04:04:20 PM  
"Let me go! I have to destroy the virus!"

"No, Sophos, you are the virus."
 
2012-09-20 04:11:20 PM  

Current Resident: GranoblasticMan: Microsoft Security Essentials (also free) is surprisingly decent.

This. I am pleasantly surprised with how well MSE works.


It's become my go-to antivirus for home use, replacing Avira (what can I say, I'm a cheap bastard).
 
2012-09-20 04:43:11 PM  
Sterilize the error...

www.hashemian.com
 
2012-09-20 06:11:17 PM  
To be fair, most things that advertise themselves as anti-malware are trying to trick you into installing malware.

Sophos went for half of each.
 
2012-09-20 07:12:03 PM  
We got hit with this but the article is wrong. You can remotely fix it. It was frankly a pretty minor annoyance, and Sophos cleaned it up within a few hours.

Having used all the AV products out there, I still like sophos more than the other corporate products. Symantec is okay, Mcafee is horrible, and trend is beyond horrible.
 
2012-09-20 08:30:51 PM  
System restore seems to have fixed all my issues; Sophos remains the most reliable and non-intrusive AV I've ever used.
 
2012-09-20 08:36:23 PM  
And hope your mis-targeted files were quarantined rather than erased.
 
2012-09-20 09:30:05 PM  
This reminds me when McAfee broke their Internet Security Suite. I work for AT&T U-Verse Tech Support and McAfee ISS comes free with U-Verse internet service. McAfee released an update a few weeks ago that, when downloaded, broke the internet.

The only way to fix it was to reboot the computer into Safe Mode with Networking, which would allow you to surf the web again, download the patch that McAfee released to update the bad update and then reboot to your regular desktop.

Surprisingly it wasn't that hard to direct customers over the phone on how to reboot their computer into safe mode and download the patch.
 
2012-09-21 08:32:27 AM  

phuquetarde: We got hit with this but the article is wrong. You can remotely fix it. It was frankly a pretty minor annoyance, and Sophos cleaned it up within a few hours.

Having used all the AV products out there, I still like sophos more than the other corporate products. Symantec is okay, Mcafee is horrible, and trend is beyond horrible.


Out of curiosity, what is your issue with Trend Micro? I have it on several systems and have never had a problem...
 
2012-09-21 09:57:04 AM  
OlderGuy       
 
Smartest
Funniest
  2012-09-21 08:32:27 AM  
phuquetarde: We got hit with this but the article is wrong. You can remotely fix it. It was frankly a pretty minor annoyance, and Sophos cleaned it up within a few hours.

Having used all the AV products out there, I still like sophos more than the other corporate products. Symantec is okay, Mcafee is horrible, and trend is beyond horrible.

Out of curiosity, what is your issue with Trend Micro? I have it on several systems and have never had a problem...


ditto on Trend Micro. Has something has changed in the last few years?? Symantec is a virus and should be nuked from orbit, just to be sure.
 
2012-09-21 12:14:28 PM  
I work in IT at a company that had this update screw everything up. The installer kept going into a boot loop as it detected that the update failed. Then It decided to start quarantining exe files. Fun Fun Fun.
 
2012-09-22 01:14:27 PM  

WinoRhino: We JUST bought this product. I have a scheduled implementation day for Monday. I have it installed on my own machine and a test machine.

It is STILL better than Symantec which we are replacing.


So much THIS. We had 189 machines affected by this, and its a relatively easy fix: couple of policy changes on the console, use group policy to run a script that goes through the Sophos log and moves files back where the came from, then nuke the quarantine.xml file & restart the Sophos service. Easy. Symantec, on the other hand, did something similar a few years ago and fixing that required a complete redeployment on a new server and reimaging of 98% of the workstations.
 
Displayed 33 of 33 comments

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »
On Twitter





In Other Media


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report