This article provides information on Sophos Messenger, an application that enables Sophos to message administrators of Enterprise Console, Sophos Enterprise Manager and Control Center with important information.
Applies to the following Sophos product(s) and version(s)
Enterprise ConsoleSophos Control CenterSophos Enterprise Manager
Sophos Messenger allows direct communication with the users of Enterprise Console, Control Center and Enterprise Manager via pop-up messages on the Sophos management server. Messages are displayed for all members of the Microsoft Windows Sophos Console Administrators security group, where certain conditions of the message are met. For example, Sophos may choose to message specific users that we are retiring a product because it directly affects them.
Note: These messages will only be displayed on the management server computer and will not be displayed on computers running a remote console.
Sophos Messenger is used to improve communication with Sophos administrators and ensuring that users are quickly and easily notified of important information relating to Sophos products. This method of communication is for important information on product retirement or for scenarios where we need to message the Sophos administrator about an important issue. It is not used for marketing purposes.
Read the message to determine what to do and if it is relevant to your systems. It may be that no action is required and it is only information on an important issue, and those messages often link to a knowledge base article with more information.
For example, to communicate to all Enterprise Console users that may be running Sophos Antivirus 9.5, it is necessary to generate the alert on all versions of Enterprise Console. If the message is not relevant, you can click Acknowledge to prevent it being re-displayed.
If you have a question about a displayed message, feel free to post a question on our Sophos Community.
Sophos Update Manager (SUM) has the ability, through the use of a supplemental package, to deliver and execute a custom executable (UpdatePatch.exe). Sophos Messenger will use this ability to copy a number of files, including an executable (Sophos.Messenger.exe), a config file (Sophos.Messenger.exe.config), an XML file (Sophos.Messenger.xml) and a .dat file (scf.dat) over to the computer. These files will reside in and be executed from:
The XML file will contain the messages shown to the user (translated as required) and the conditions that need to be met for the message to be displayed. The required conditions of a message will depend on:
As UpdatePatch.exe is launched by SUM under the local system context, this gives the application the ability (on the initial execution) to run the Sophos.Messenger.exe process in each interactive session that is logged in. To ensure that the message is displayed to users who are not currently logged in, a reference will be added to the registry key to ensure all members of the Sophos Console Administrators security group see the message the next time they log on. The reference will be added to:
Once the message has been displayed and acknowledged, the message will not be displayed again.
When the message is displayed/acknowledged, an HTTP request to Sophos will be generated. This mechanism enables us to be sure that users have seen/acknowledged the messages and that the communication channel is working as intended.
As mentioned above, this is not a tool that will be used heavily. However, there is the ability to disable the execution via the registry for a user and/or computer. We strongly discourage suppression of these infrequent messages as they are targeted messages with important information.
To disable Sophos Messenger for all users on a computer:
To disable for the current user:
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.