NWOCA Sophos Enterprise Console
NWOCA offers the Sophos Enterprise Console to allow member districts to centrally receive updates and set policies.
This information on this Wiki page only relates to those using the NWOCA Enterprise Console for their Sophos updates.
Shh/Updater-B False positive - 9/19/2012
On September 19th, Sophos released a definition update that falsely detects application updater files as viruses, which includes Sophos's own updater. If your clients did download the bad definition before the fix was released, there is a chance that Sophos deleted its own updater, and possibly updaters for other applications.
There is more information about the issue at: http://www.sophos.com/en-us/support/knowledgebase/118311.aspx
NWOCA has followed to recommended procedures on the Enterprise Console, as outlined here: http://www.sophos.com/en-us/support/knowledgebase/118328.aspx
AutoUpdate Fix - Option 1
Sophos is recommending following this procedure to fix the deleted AutoUpdate files: http://www.sophos.com/en-us/support/knowledgebase/118323.aspx
AutoUpdate Fix - Option 2
NWOCA has found that replacing the AutoUpdate folder on each computer, and running a manual update will download the latest definition files.
You must be running Sophos version 10.
- Download the AutoUpdate.zip folder from: https://wiki.nwoca.org/download/attachments/15007812/AutoUpdate.zip
- Extract the ZIP file and overwrite the AutoUpdate folder that is inside:
- 32-bit Operating System - C:\Program Files\Sophos\
- 64-bit Operating System - C:\Program Files (x86)\Sophos\
- If it says there are files in use, check the Services to make sure all Sophos services are stopped.
- Once the folder is copied, run:
- 32-bit Operating System - C:\Program Files\Sophos\AutoUpdate\ALMon.exe
- 64-bit Operating System - C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
- That should put the update icon in the system tray. From there right click and select update
- Restart when finished
Note that this will not fix any other application updater that was flagged by Sophos.