Did a bad definition file get leaked in the past 12 hours?

I'm supporting a university that uses Cisco NAC Agent for residential networking. Starting this morning we have a large number of students getting dinged for having home-use versions of Sophos w/definitions more than 14 days outdated, which is highly unusual.

I checked several people having the problem and there appears to be a pattern: around 3pm EST these folks all had some variation of Sophos 10.x with a definition file of 380 and a recent date:

Client AV Info
Product ID:SophosAV
Product Name:Sophos Anti-Virus
Product Version:10.0.11
Virus Definition File Version:4.94(380)
Virus Definition File Date:10/24/2013

Later in the evening, between 9pm and 11pm EST, an update changed the definition version but the date has reverted several months??

Client AV Info
Product ID:SophosAV
Product Name:Sophos Anti-Virus
Product Version:10.0.11
Virus Definition File Version:4.94(383)
Virus Definition File Date:07/31/2013


  • We are also having this issue -- seeing this in 10.3 as well.  From the Cisco NAC agent, version 4.9.3.5 with compliance module 3.6.7873.2, it shows the Definition Date as blank which is tripping our posture assessment rules.

    I've opened a support ticket in the hopes this issue will be identified and sorted quickly as the number of students coming to our door is growing by the minute.
