"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
When starting a scan on Sophos Anti-Virus for Mac you see the following prompt:
This scan is configured to deal with threats automatically. To scan all files on this Mac, you must authenticate as an administrator.
Your options are:
Scan With Current Privileges
Authenticate and Scan All...
First seen in Sophos Anti-Virus for Mac OS X
Operating systems Mac OS X
You set the scan to take action if malware is found. This setting is configured under the 'Options' tab for the scan's settings. Example of default selection:
If you had the default selection of 'Log only' (i.e., take no action other than to detect and continue to block) set (as shown above) the prompt will not be seen. However if you set any other option under 'When a threat is found' and then select to run that scan the prompt is shown.
It is because you want Sophos Anti-Virus for Mac to take action that it requests administrative permissions at the start of the scan. If a threat is found in, for example, a system folder and elevated permissions are required the file(s) can be immediately moved/deleted as required.
Setting the scan to the default option of 'Log only' avoids this prompt. You can then review any items detected in the Quarantine Manager and take appropriate action at that point.
If you require the scan to attempt to move/delete threats during the scan selecting the option 'Authenticate and Scan All...' will allow the scan to run at a higher level. If you select 'Scan With Current Privileges' the scan may fail to cleanup files that are located in areas such as operating system folders.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.