1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Sophos false positive detection ruins weekend for some Windows users

Discussion in 'Network World' started by RSS, Sep 5, 2016.

  1. RSS

    RSS New Member Member

    A bad malware signature caused Sophos antivirus products to detect a critical Windows file as malicious on Sunday, preventing some users from accessing their computers.

    The false positive detection flagged winlogon.exe, an important component of the Windows Login subsystem, as a Trojan program called Troj/FarFli-CT. Because the file was blocked, some users who attempted to log into their computers were greeted by a black screen.

    Sophos issued an update to fix the problem within a few hours and said that the issue only affected a specific 32-bit version of Windows 7 SP1 and not Windows XP, Vista, 8 or 10.

    "Based on current case volume and customer feedback, we believe the number of impacted systems to be minimal and confined to a small number of cases," the company said in a support article.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page