{"id":2054,"date":"2012-09-21T00:00:00","date_gmt":"2012-09-21T00:00:00","guid":{"rendered":"http:\/\/otava.test\/sophos-antivirus-glitch-detected\/"},"modified":"2012-09-21T00:00:00","modified_gmt":"2012-09-21T00:00:00","slug":"sophos-antivirus-glitch-detected","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/","title":{"rendered":"Sophos Antivirus Glitch Detected"},"content":{"rendered":"<p>On Wednesday, the Sophos antivirus software started detecting its own program updates as malware, and subsequently quarantined the executable files. As a result, the updating function was disabled and unable to update, according to ZDNet.com.<\/p>\n<p>Below is a screenshot of the false positive \u2018malware\u2019 from Sophos.com, detected as Shh\/Updater-B:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" alignnone\" title=\"Sophos Antivirus Glitch Detected\" src=\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/shh-updater-b.jpg\" alt=\"Sophos Antivirus Glitch Detected\" width=\"500\" height=\"169\" \/><\/p>\n<p>Sophos.com reports that by <a href=\"https:\/\/www.sophos.com\/en-us\/support\/knowledgebase\/110794.aspx\">enabling Live Protection<\/a>, you should no longer see the detections, since the files are now marked \u2018clean\u2019 in the Live Protection cloud. If you don\u2019t have Live Protection enabled, once javab-jd.ide has been downloaded by your endpoint computers, you will stop seeing detections.<\/p>\n<p>Sophos is directing users to this knowledgebase article that provides more information about the false positives and how to update endpoints with the latest IDE files: <a href=\"https:\/\/www.sophos.com\/en-us\/support\/knowledgebase\/118311.aspx\">Advisory: Shh\/Updater-B False Positives<\/a>. The steps, with more detail in the article, are:<\/p>\n<ol>\n<li>Confirm SUM is updated and downloaded javab-jd.ide to distributions<\/li>\n<li>Configuration of cleanup options<\/li>\n<li>Endpoints check<\/li>\n<\/ol>\n<p>What could have caused this bug? One theory attributes the issue to the lack of developer testing during the development cycle, and the failure to check code for bugs or security vulnerabilities. According to a survey conducted by Forrester Consulting and software vendor Coverity, more than 70 percent of respondents that had experienced a security incident also claimed there was a lack of security and technology processes for their developers.<\/p>\n<p>Meanwhile, 79 percent of respondents could not keep pace with the rising code volume, and more than 60 percent stated there was not enough security funding. The short time-to-market also forced 41 percent of respondents to put security during development on the back burner.<\/p>\n<p>\u201cThis has lots to do with developers being pressured to get out code,&#8221; said Steve Aiello, Sr. Systems Engineer, CISSP at Online Tech. &#8220;The primary objective in many companies is to make money, and that means the developers are pushed to get their product out quickly. This is a really good case and point on how even in the security industry, these things can happen.\u201d<\/p>\n<p>The issue has affected users and partners worldwide. If you need more technical support or want to read how others are handling the issue, visit <a href=\"https:\/\/community.sophos.com\/t5\/Sophos-Endpoint-Protection\/bd-p\/ESDP\">SophosTalk<\/a>, the Sophos community forum for Sophos Endpoint Protection.<\/p>\n<p>References:<br \/>\n<a href=\"https:\/\/www.zdnet.com\/sophos-antivirus-detects-own-update-as-false-positive-malware-7000004565\/\">Sophos Antivirus Detects Own Update as False Positive Malware<\/a><br \/>\n<a href=\"https:\/\/nakedsecurity.sophos.com\/2012\/09\/19\/sshupdater-b-fsophos-anti-virus-products\/?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+nakedsecurity+%28Naked+Security+-+Sophos%29\">Shh\/Updater-B False Positive by Sophos Anti-Virus Products<\/a><br \/>\n<a href=\"https:\/\/www.h-online.com\/security\/news\/item\/Study-finds-web-developers-undertake-too-little-vulnerability-testing-1710284.html\">Study Finds Web Developers Undertake Too Little Vulnerability Testing<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>On Wednesday, the Sophos antivirus software started detecting its own program updates as malware, and subsequently quarantined the executable files. As a result, the updating function was disabled and unable to update, according to ZDNet.com. Below is a screenshot of the false positive \u2018malware\u2019 from Sophos.com, detected as Shh\/Updater-B: Sophos.com reports that by enabling Live Protection, you should no longer see the detections, since the files are now marked \u2018clean\u2019 in the Live Protection cloud. If you don\u2019t have Live Protection enabled, once javab-jd.ide has been downloaded by your endpoint computers, you will stop seeing detections. Sophos is directing users to this knowledgebase article that provides more information about the false positives and how to update endpoints with the latest IDE files: Advisory: Shh\/Updater-B False Positives. The steps, with more detail in the article, are: Confirm SUM is updated and downloaded javab-jd.ide to distributions Configuration of cleanup options Endpoints check What could have caused this bug? One theory attributes the issue to the lack of developer testing during the development cycle, and the failure to check code for bugs or security vulnerabilities. According to a survey conducted by Forrester Consulting and software vendor Coverity, more than 70 percent of respondents&#8230;<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[59],"tags":[],"other_category":[],"class_list":["post-2054","post","type-post","status-publish","format-standard","hentry","category-information-technology-tips"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Sophos Antivirus Glitch Detected | OTAVA<\/title>\n<meta name=\"description\" content=\"The Sophos antivirus software started detecting its own program updates as malware, and subsequently quarantined the executable files.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Sophos Antivirus Glitch Detected\" \/>\n<meta property=\"og:description\" content=\"The Sophos antivirus software started detecting its own program updates as malware, and subsequently quarantined the executable files.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/\" \/>\n<meta property=\"og:site_name\" content=\"OTAVA\" \/>\n<meta property=\"article:published_time\" content=\"2012-09-21T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/shh-updater-b.jpg\" \/>\n<meta name=\"author\" content=\"Irma Brillantes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irma Brillantes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/\"},\"author\":{\"name\":\"Irma Brillantes\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\"},\"headline\":\"Sophos Antivirus Glitch Detected\",\"datePublished\":\"2012-09-21T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/\"},\"wordCount\":398,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/shh-updater-b.jpg\",\"articleSection\":[\"Information Technology Tips\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/\",\"url\":\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/\",\"name\":\"Sophos Antivirus Glitch Detected | OTAVA\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/shh-updater-b.jpg\",\"datePublished\":\"2012-09-21T00:00:00+00:00\",\"description\":\"The Sophos antivirus software started detecting its own program updates as malware, and subsequently quarantined the executable files.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#primaryimage\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/shh-updater-b.jpg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/shh-updater-b.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.otava.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Sophos Antivirus Glitch Detected\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.otava.com\/#website\",\"url\":\"https:\/\/www.otava.com\/\",\"name\":\"OTAVA\u00ae\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.otava.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.otava.com\/#organization\",\"name\":\"OTAVA\u00ae\",\"url\":\"https:\/\/www.otava.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"caption\":\"OTAVA\u00ae\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\",\"name\":\"Irma Brillantes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"caption\":\"Irma Brillantes\"},\"url\":\"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Sophos Antivirus Glitch Detected | OTAVA","description":"The Sophos antivirus software started detecting its own program updates as malware, and subsequently quarantined the executable files.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/","og_locale":"en_US","og_type":"article","og_title":"Sophos Antivirus Glitch Detected","og_description":"The Sophos antivirus software started detecting its own program updates as malware, and subsequently quarantined the executable files.","og_url":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/","og_site_name":"OTAVA","article_published_time":"2012-09-21T00:00:00+00:00","og_image":[{"url":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/shh-updater-b.jpg","type":"","width":"","height":""}],"author":"Irma Brillantes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Irma Brillantes","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#article","isPartOf":{"@id":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/"},"author":{"name":"Irma Brillantes","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263"},"headline":"Sophos Antivirus Glitch Detected","datePublished":"2012-09-21T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/"},"wordCount":398,"commentCount":0,"publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"image":{"@id":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#primaryimage"},"thumbnailUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/shh-updater-b.jpg","articleSection":["Information Technology Tips"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/","url":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/","name":"Sophos Antivirus Glitch Detected | OTAVA","isPartOf":{"@id":"https:\/\/www.otava.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#primaryimage"},"image":{"@id":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#primaryimage"},"thumbnailUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/shh-updater-b.jpg","datePublished":"2012-09-21T00:00:00+00:00","description":"The Sophos antivirus software started detecting its own program updates as malware, and subsequently quarantined the executable files.","breadcrumb":{"@id":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#primaryimage","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/shh-updater-b.jpg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/shh-updater-b.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.otava.com\/blog\/sophos-antivirus-glitch-detected\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.otava.com\/"},{"@type":"ListItem","position":2,"name":"Sophos Antivirus Glitch Detected"}]},{"@type":"WebSite","@id":"https:\/\/www.otava.com\/#website","url":"https:\/\/www.otava.com\/","name":"OTAVA\u00ae","description":"","publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.otava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.otava.com\/#organization","name":"OTAVA\u00ae","url":"https:\/\/www.otava.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","caption":"OTAVA\u00ae"},"image":{"@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263","name":"Irma Brillantes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","caption":"Irma Brillantes"},"url":"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/2054","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/comments?post=2054"}],"version-history":[{"count":0,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/2054\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/media?parent=2054"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/categories?post=2054"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/tags?post=2054"},{"taxonomy":"other_category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/other_category?post=2054"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}