
Sophos now sees Spotify as a suspicious file?

Anyone know why? Seems kind of silly.


This thread was automatically locked due to age.
  • Hi BBallLAL,

    Do you mean that the Application Control policy of Enterprise Control blocks Spotify? If so, double click the relevant policy (Default?) under Application control, go to the Authorization tab and scroll down to Application Type = Media Player. Scroll down the Blocked list until you find Spotify and move it to the Authorized list.

    We block all Media Players such as Spotify/iPlayer etc due to Performing Rights licencing as we work in an open environment (and it would be cacophony if everyone was playing different things at the same time).

  • Hello BBallLAL,

    You can't expect a profound answer to a quite vague question. All that can be said is that either Spotify has some characteristics which match a new or updated detection item or some new characteristics of Spotify (in case it is Spotify that has been updated) match an existing detection item.

    You shouldn't deride Suspicious Behavior and File detection - as you can see there are quite a few of them and they are rather specific - more than once it has helped to spot new threats or variants (and in many cases prevented "successful" infection even though some malicious parts could not yet be detected).

    Please look up the threat's description - the Summary has instructions on how to deal with it. If a "popular" application or an old file is flagged I usually send in a sample. Most of the time updated detection items have been issued and the files were (and are) no longer flagged.

    Christian

  • I'm experiencing this as well, it started yesterday at about 5pm.

    I've been searching for a Spotify version history, thinking that they might have pushed an update yesterday which might've changed something and now Sophos doesn't want to play nicely with Spotify.  Unfortunately I can't seem to find one anywhere.

    I will update if I find anything.

  • Hello cab354,

    As said before, it might be an updated detection identity which now sees Spotify as suspicious. But whether it was this or an update of Spotify, it can (only) be resolved by either the Labs issuing an updated detection or you authorizing the file. The former is the more sustainable solution - but someone has to send a sample.

    Christian

  • I am not an Admin, nor do I have access to the console. Is there a way I can send a sample or do I have to have access to the Sophos console to do that?

  • Hello cab354,

    Sending a sample is easy but should be done by your site's administrator. As the detection sends an alert to the console your IT is probably aware of the issue. Now it depends on your site's policies whether they care or just say "too bad".

    Christian 

  • Should be fixed at this time (update clients if they're still detecting it)

    From my sample submission:

    The sample that you have sent in is a false-positive detection which Sophos Lab has corrected. The detection has been published in the IDE pdfjs-zg.ide on 2012-08-09 02:12 BST.
