This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Remove Sophos - bypass tamper protection on an Apple Mac - Too Easy!

Hi All

We find ourselves in a situation where some of our users have admin rights on their Apple Mac and have found a way to bypass tamper protection in Sophos allowing them to easily uninstall Sophos by running the Sophos uninstaller.

All a user needs to do is move all the Sophos plist files located in /Library/Preferences/ to the bin and then run the Sophos uninstaller. Or just delete the /Library/Preferences/com.sophos.sav.plist and then run the Sophos uninstaller. Doing either of these actions bypasses the tamper protection prompt allowing for easy uninstall.

Just wondering how we can rectify this issue?

This thread was automatically locked due to age.

Haridoss Sreenivasan over 7 years ago

Hi Troy,

Please allow me to check on this issue and update you further.

Haridoss Sreenivasan
Technical Support Engineer | Sophos Technical Support
Knowledge Base | @SophosSupport | Video tutorials
Remember to like a post. If a post (on a question thread) solves your question use the 'This helped me' link.
Cancel
Vote Up 0 Vote Down

Cancel