September 20, 2012, 2:25 PM — Security firm Sophos today apologized for wreaking havoc in its customers' networks after a faulty update to its anti-virus software yesterday caused false positives for certain malware to occur on Windows-based computers.
"We would like to apologize for all the disruption caused to our many customers worldwide," Sophos said in a statement today. "We recognize the issue is very serious, and are doing everything we can to resolve it." Sophos says in its critical advisory that it thinks the problem was caused by a release from SophosLab for use with its Live Protection system.
Although Sophos issued a corrective update, the security firm said today it's conducting a "full investigation" to determine how this all happened and to ensure it doesn't happen again, and expects to provide more information shortly about the issue. In its advisory, Sophos notes that "symptoms" of the effects of the faulty update on customer endpoints would include a number of things, such as:
- Any virus detections of the malware 'Shh'
- Sophos Autoupdate not updating correctly
Sophos added that other product update mechanisms may not be functioning correctly as well, and visually it may appear that the "Sophos Shield may disappear."
Another impact would be that the console for the Sophos anti-virus software may be issuing reports on malware called Shh/Update-B. But this represents a false positive and is not an actual outbreak, Sophos states.
Sophos was not immediately available to say how many customers were impacted by the faulty update, but there was considerable discussion about the problem among customers online on the SophosTalk online network.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: firstname.lastname@example.org.
Read more about wide area network in Network World's Wide Area Network section.