The University's AntiVirus vendor Sophos released a faulty signature update around 4:30pm Wednesday September 19, 2012. The faulty signature only affects Windows systems. As computers downloaded the update it began detecting not only Sophos' update utility files as malicious, but update utilities for other things like Adobe Flash, Google, CommVault and others.
Because the updating components of Sophos are impacted, some clients are no longer able to perform the standard automated checks on an hourly basis to correct this issue.
As a result, Sophos released a Visual Basic script file that can be run on an affected system. It will analyze a log file to check what files have been quarantined and will move those files back into their original location. Once the script is run, the services can be restarted and the clients update as normal.
If you have a system that has been affected by this signature, you may see the following pop up screen along with other possible symptoms:
Note: If you are a Medical Center user, please call the ISD Helpdesk at 275-3200 for assistance.
Note: If your laptops / desktops / servers are managed through University IT managed SCCM, the fix for this issue was pushed to all managed computers. If they are not managed through SCCM, you or IT support personnel will need to manually run the script on the computer.
Sophos is now repaired.
Please contact the University IT helpdesk at 275-2000 if you have any questions or issues with using the script or receive any errors during the repair process. For Medical Center users, please call the ISD Helpdesk at 275-3200.