Geek News: Latest Technology, Product Reviews, Gadgets and Tech Podcast News for Geeks

Sophos Anti-Virus Deletes Itself as a Virus

Posted by Alan at 12:50 PM on September 20, 2012

Anti-virus software is a necessary evil in today’s world, thanks to the proliferation of hackers, malware and botnets.  Unfortunately, the software can frequently cause high profile problems like locking users out of their computers and causing endless reboots by deleting necessary Windows system files.  Perhaps no problem has been more embarrassing than the recent Sophos debacle.  The security software flagged it’s own files as malicious and proceeded to delete them.

For the most part, it’s better for these programs to err on the side of caution than risk allowing a user’s system to be infected.  However, Sophos went a bit far with their most recent update, when it flagged the Shh/Updater-B file as malicious.  Although the problem was worldwide, thankfully Sophos allows users and administrators to choose what happens when threats are detected.  If your settings called for simply denying access to the file then there was little harm.  For those who set their computers to delete offending files the program proceeded to cripple itself by deleting it’s own updater.  That made the process to undo the damage a bit more time consuming and difficult than simply waiting patiently for an update to trickle down.

Sophos has since fixed the issue by pushing an update.  Kudos to the company for acting quickly in this matter, but it illustrates the problems that have plagued this type of software.  With Windows 8 now looming on the horizon these problems may become less widespread thanks to the built-in Windows Defender that handles most of this duty, much to the dismay of third-party software makers.