Sophos UTM: Decommissioning of obsolete URL categorization services CFFS. Click here for important info.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Potentially Unwanted App Protection Disabled Alert But It Is On


I am using Sophos Home 10.3.8 on a MacBook Pro running Big Sur 11.6.8, the most current version of each I believe. Yesterday the Sophos badge spontaneously turned orange and said PUA protection was disabled. When I click Enable on my desktop, the website interface shows that it is already enabled. When I turn it off and back on on the website, the website is all green and happy, but on my desktop the badge is still orange with the PUA protection disabled alert.

I might be less concerned, but yesterday I mistyped a URL and landed on a sketchy website. I don't remember the exact sequence of events, but my laptop DNS server entry also mysteriously changed around this time to I don't know where this address came from because I had manually set the DNS on my laptop and router to Google's and almost a week ago.

And my computer is running slower.

I ran a fast scan yesterday that came up clean. I'm going to have to wait to do a full scan overnight tonight.

Could I have caught a bug that is disabling PUA protection? Is anyone else experiencing something like this?

Thanks for your help.

This thread was automatically locked due to age.
  • Hi ewestp,

    Thanks for reaching out to the Sophos Community Forum. 

    I haven’t previously heard of an issue such as this. Do you know if any updates occurred around when the issue occurred? 

    If you have a Sophos Home Premium license, the Sophos Home team would be best suited to assist you with this issue. The agent will be slightly different than the one deployed from Sophos Central which I am familiar with, though I will do my best to assist.

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi Qoosh,

    Thanks for your response. There were a few updates/installations around that time in the screennshot here from System Information > Software > Installations:

    I'm not sure what macOS Monterey is doing on the list as I'm definitely running Big Sur 11.6.8.

    I don't have a Premium license; I'm using the free version.

    Last night I closed all applications and restarted, and the badge was normal. I turned off wifi and ran a full scan overnight which came up clean. This morning I turned wifi back on, and so far so good. Everything looks normal.

    Maybe it was just some mixed up configuration files that finally sorted themselves out after multiple restarts.


  • I just noticed the exact same thing this morning.  The badge is orange but Sophos Home shows that the protection is enabled.  I am using the Sophos Home Premium version.

    And I'm running MacOS Big Sur.

  • Ditto on Mac OS 10.14.6.  Noticed it a couple of days ago and the badge is orange, but UAP says it's enabled on the web.  Seemed to notice it after an update to Adguard Pro but I can't find anything obvious that would interfere with sophos home in the settings.  

  • The badge is no longer orange and Sophos reports all is well.  This happened sometime yesterday.

  • I encountered the same problem this morning (2022.09.01). Sophos Home Premium 10.3.8. Big Sur 11.6.8. iMac (Retina 5K, 27-inch, Late 2014).

  • I'm seeing the same thing MacOS Monterey - fully updated. Just started after a reboot a few days ago.

    It looks like the Sophos app updated around the same time. 10.3.8