Anyone else getting APT alerts en-mass for ocsp.comodoca.com?

Disregard my previous message, I don't think it's related...

I am, however, getting the same alert on ocsp.comodoca.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBReAhtobFzTvhaRmVeJ38QUchY9AwQUu69+Aj36pvE8hI6t7jiY7NkyMtQCECsuburZdTZsFIpu26N8jAc=

I wouldn't advise that, you might be blocking legitimate OCSP lookups which will cause Certificate Trust Check issues.

Emile

I might be barking up the wrong tree here but I think any https website that has a certificate CA signed by COMODO may be flagging the errors. I have checked a couple of the websites our flagged 'virus' users have been on and a few of them have COMODO certificates

Steven,

I imagine you are correct because the primary reason for contacting the COMODO CA would be to verify the validity and revocation status of a COMODO cert. So this alert could potentially be triggered by anything that causes a lookup on a COMODO cert.

Still seeing these alerts with pattern 118547, I see a few units have updated to 11848 but haven't gotten a hit on a UTM running that pattern yet.

Yes. Alerts started at 7:22 AM MST today and haven't stopped since. Running firmware 9.411-3 with pattern updated to latest at 118549. Have support ticket in with Sophos, but no response from them yet.

Also seeing this error on all 3 UTM'S in 3 of my Sites beginning this morning. 

Firmware version: 9.411-3 Pattern version: 118548

Please Advise

Also seeing this on our UTM 9:

Firmware version: 9.411-3 Pattern version: 118549

Add us to the list:

Firmware:  9.411-3

Pattern Version: 118549

Updated to Firmware 9.411-3 yesterday and was on pattern 118535 today when these alerts started coming in. I just updated to pattern 118550 to see if that helps.