Sophos-интереснейшая инфа

[Windfresh 0]

Sophos Anti-Virus Software Causes More Damage Than All OS X Viruses, Trojans and Worms Put Together

After trumpeting the Inqtana-A virus just days ago and making a big deal out of this worm that relies on a security flaw patched by Apple over half a year ago, anti-virus vendor Sophos has now taken another bold step towards the grave.

Their update for the Inqtana-B virus identity file incorrectly flagged various Microsoft Office and Adobe Acrobat Reader files, to name just a few, which led to data loss for many of the program’s users. Hundreds and in many cases thousands of files were erroneously flagged as being infected, and,

depending on the settings of the users, were then deleted. In several cases the spread of the ‘infected files’ was so great that after the ‘disinfection’ the systems were left all but useless.

The Mac community is in an uproar after this incident, which only served to bring up memories of the problems encountered with Norton’s Anti-Virus Software. The fact that the Inqtana-B problem the update was supposed to address was so remote only puts the integrity and moral practices of Mac anti-virus program vendors under scrutiny.

The two ‘viruses’ and the ‘extremely critical’ OS X flaw all combined did not even cause a fraction of the damage the Sophos software did.

The Leap-A worm infected less than a hundred machines, and of those, all had been willing infections on behalf of testers and researchers; the Inqtana-A worm had spread even less seeing how Apple had closed the hole it needed more than half a year ago.

After the entire media was in an uproar about how threatened OS X now is because of the high public profile, the most damage is still coming from companies and programs who are supposed to be preventing the damage in the first place.

At the end of the day, the only questions that begs to be asked is: Did the people at Sophos even test their software? At least once? How could this happen? Who will protect Mac users from the anti-virus companies?

http://news.softpedia.com/news/Sophos-Anit...her-18620.shtml

[Сергей Ильин 1538]

Забавно, Sophos так активно пиарился по случаю появления вирусов для Mac OS X ... и тут такая фигня с апдейтом

Добавлено спустя 1 минуту:

Sophos Anti-Virus Software Causes More Damage Than All OS X Viruses, Trojans and Worms Put Togethe

Название статьи тоже прикольное, само за себя говорит

[Михаил Кондрашин 55]

... и тут такая фигня с апдейтом

Увы, единственная гарантия --- репутация вендора. Безгрешных не бывает, так что главное часто не подмачивать оную.

BTW: Backup никто не отменял.

[Сергей Ильин 1538]

Sophos достаточно быстро все поправил, уже 22 февраля сообщил в пресс-релизе о том, что все исправлено. В нем говориться, что уже менее чем через два часа все было исправлено, хотя пострадасть все равно могли многие :?

**************************************

SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, issued an update at 14:43 GMT on Tuesday 21 February to detect the OSX/Inqtana-B worm for Mac OS X.

Unfortunately, this update was flawed, and Mac OS X users may have been mistakenly warned by Sophos Anti-Virus for Mac OS X that some files on their computers were infected with the worm.

SophosLabs quickly discovered the problem, and issued a revised update less than two hours later at 16:40 GMT, Tuesday 21 February. Customers who take advantage of Sophos's automated updating facility will have been automatically updated from this time, and will no longer experience the false positive.

Additionally, an email was sent to customers who are subscribed to Sophos's email notification list informing them that the IDE had been updated to correct the detection issue.

Sophos apologizes for any inconvenience that this problem has caused. Measures have been put in place to ensure that the problem does not occur again. Any customers who require further guidance are recommended to contact Sophos Technical Support.

Sophos would like to remind customers that the OSX/Inqtana-B worm is not in-the-wild, and is unlikely to be encountered.

http://www.sophos.com/pressoffice/news/art...inqtanafix.html