Sophos Anti-Virus Update Identifies Sophos Code As Malware

← Back to Stories (view on slashdot.org)

Sophos Anti-Virus Update Identifies Sophos Code As Malware

Posted by timothy on Thursday September 20, 2012 @04:51AM from the auto-immune-disease dept.

An anonymous reader writes "Yesterday afternoon anti-virus company Sophos Inc. released a normal anti-virus definition update that managed to detect parts of their own software as malicious code and disabled / deleted sections of their Endpoint security suite, including its ability to auto-update and thus repair itself. For many hours on the 19th, Sophos technical call centers were so busy customers were unable to even get through to wait on hold for assistance. Today thousands of enterprise customers remain crippled and unable to update their security software." Sophos points out that not everyone will be affected: "Please note this issue only affects Windows computers."

6 of 245 comments (clear)

Min score:

Reason:

Sort:

99.999% by jsepeta · 2012-09-20 04:52 · Score: 5, Insightful

how many of Sophos customers are not on the Windows platform? that makes me laugh.

--
Remember kids, if you're not paying for the service, YOU ARE THE PRODUCT THAT IS BEING SOLD.
1. Re:99.999% by Verunks · 2012-09-20 05:32 · Score: 5, Informative
  
  So far, there have only been a couple 'proof of concept' viri for Linux. Nobody's figured out a way to pry any money away from us yet. :D
  but linux antivirus aren't used to protect linux, they are useful if you run a mail server or a proxy so you can clean mails and webpage before they infect a windows user, or to clean an infected windows installation, for example the kaspersky live cd is based on linux
2. Re:99.999% by jd2112 · 2012-09-20 06:16 · Score: 5, Funny
  
  What's impressive is that this got out of Sophos' testing lab and into production. I guess they must not test signatures in house at all. Congratulations, Sophos customers, you've been promoted to alpha testers.
  Actually, it's an incredible show of honesty on the part of Sophos. Perhaps Symantec and McAfee will follow suit and flag their own software as malicious as well.
  
  --
  Any insufficiently advanced magic is indistinguishable from technology.
Re:That's why I don't install AV software on my PC by asmkm22 · 2012-09-20 05:11 · Score: 5, Funny

That's like saying you don't use condoms because you know how to pull out.
Re:Which just goes to show... by localman57 · 2012-09-20 05:12 · Score: 5, Funny

"test by eyeballing the code" has its drawbacks.
Exactly. Sometimes code that looks useless is really pretty important. The article follow up said they removed this test from an iteration loop, since there weren't comments about what it did. Apparently the original programmers thought it obvious...

if ( asimov_3rd_violation())
{
continue;
}
else
{
remove_file(filename);
}
Re:That's why I don't install AV software on my PC by localman57 · 2012-09-20 05:16 · Score: 5, Funny

My cousin used to say the same sort of thing about his know-it-all supervisor at work that was always riding him to wear safetly glasses. After he got back from disability, the guy got him a couple of tickets to Avatar in 3d, just to be an asshole.