Sophos false positive detection ruins weekend for some Windows users

Sophos false positive detection ruins weekend for some Windows users

A bad malware signature caused Sophos antivirus products to detect a critical Windows file as malicious on Sunday, preventing some users from accessing their computers.

The false positive detection flagged winlogon.exe, an important component of the Windows Login subsystem, as a Trojan program called Troj/FarFli-CT. Because the file was blocked, some users who attempted to log into their computers were greeted by a black screen.

Sophos issued an update to fix the problem within a few hours and said that the issue only affected a specific 32-bit version of Windows 7 SP1 and not Windows XP, Vista, 8 or 10.

To read this article in full or to leave a comment, please click here

Source: Security

0Shares

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.