
Windows Users Locked Out By SOPHOS Antivirus Tool!

 

 

England-based security software and hardware vendor “SOPHOS” got into trouble last Sunday, when its antivirus products marked a critical Windows system file as malware. All the Windows users who were using SOPHOS antivirus services were unable to log in to their computer systems. According to SOPHOS, all this happened due to a small mistake.

 

Which Windows File Was This?

“winlogon.exe” is a critical Windows file that is part of the Windows login subsystem. This process is very important for checking user authorization and activation. SOPHOS antivirus tools marked this file as the Trojan “Troj/FarFli-CT” because of a bad malware signature. After that, when users tried to log in to their user accounts, they got an error message on a black screen. To fix this problem, SOPHOS released an immediate update for all its antivirus products. According to SOPHOS, very few users faced this problem, as it was noticed that this happened only on Windows 7 Service Pack 1.

 


 

How Many Users Were Affected?

In a support article, SOPHOS said that after analyzing its systems it noticed the number of affected Windows users was very small. SOPHOS also wrote that it was getting feedback from its customers and that there was a minimal number of affected users. On the other hand, a number of SOPHOS customers were tweeting that they were trying to reach the SOPHOS support team and had been in the queue for hours. Users appeared very tense, and one user tweeted, "This False Positive Actually removed some of my weekend".

 

How Did Affected Users Fix This Issue?

SOPHOS released a support document for affected users. The company wrote, "User needs to reboot his system in Safe Mode and then disable SOPHOS Antivirus Program from default start. Now restart your systems in normal mode". Apart from that, many users were able to log in to their systems by clearing the bogus notifications from the SOPHOS Console. All the bogus notifications needed to be marked as resolved.

 


 

Conclusion

This is not the first time this has happened, and SOPHOS is not the first company it has happened to. Although the company fixed the issue immediately, the question is how an antivirus company can make this type of mistake. All companies use a proper whitelisting mechanism to filter legitimate Windows files. The program files of Windows are very sensitive. Deleting or blocking Windows system files may harm the computer badly.
