
Known Malware infects customer network

Hello friends, I went through a serious problem with a client and would like to understand why it happened and how to prevent this kind of trouble.

Next:

One of our customers bought Sophos Endpoint Data Protection from us; it is protecting 120 workstations. Because of a network problem, the console went 13 days without updating the virus definitions. Then a known virus called W32/Chir-A and another named W32/Chir-B entered the customer's network and caused some inconvenience; it even toppled the internet link. Several machines had this virus. After the console problem was solved, it updated the virus definitions and the problem was resolved.

But I ask: is 13 days without a definitions update enough to infect the entire network? And moreover by a known virus that has existed for several years?

How can we prevent viruses not recognized by Sophos from creating major problems? Is there a way to isolate the virus in order to neutralize it?

Thank you all!

  • Hello ivanildogalvao.

    It doesn't look like the definitions for W32/Chir have been updated recently, so the missing updates shouldn't be directly related. Thus the clients, even if not up to date, should have been sufficiently protected with regard to the mentioned malware.

    I'm not sure I understand the exact sequence of events: How were these W32/Chir threats detected? Did they "get in" during the 13 days (and Sophos only detecting them when SEC was able to update again)? Might be necessary to examine the logs (if they still exist) so I suggest you contact Support.

    Christian
