"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
You can distribute the current versions of Sophos Anti-Virus for Windows 2000+, as part of a disk image. You can also use this to incorporate it in a disk image for cloned virtual machines. This procedure will make sure that the produced target/cloned computers:
Applies to the following Sophos product(s) and version(s) Sophos Anti-Virus for Windows 2000+Sophos Endpoint Security and Control
Note: Paths and locations listed here may vary slightly according to which version of Windows you are running, e.g. Windows Vista. Also they may vary depending on what the system drive on the template computer is, and whether Sophos Anti-Virus was installed to the default location.
You could encounter errors in Enterprise Console, or on an individual computer, when using a disk image containing Sophos Anti-Virus for Windows 2000+, if you changed the security identifier (SID) value during the imaging process.
For more information on how to resolve this problem, refer to the related knowledgebase article: Sophos Endpoint Security or Sophos Anti-Virus: local user interface becomes inaccessible.
Note: The above set of instructions are not required if running Endpoint security and control version 10.3.7 and above. Altering the SID value on these versions will cause a Comparison failure to appear in SEC.
In some desktop virtualisation scenarios, the target computers are used as virtual desktops and are frequently reverted to their original state (i.e. the state immediately after the imaging process has completed). This means that Sophos Anti-Virus will need to perform an update each time the desktop is reverted to this state and then run again. In order to minimise the security and performance impact of this update, the following steps are recommended:
Note: In Sophos Enterprise Console 5.2.1 and up to version 5.3.1, the ability to subscribe to a fixed version has been removed. In these situations the following steps will allow the use of fixed packages:
Opening the Subscriptions dialog after setting this key (no other action required) you will see the current list of fixed packages.
Note: The option to enable the use of fixed packages via the menu, has been made available in Sophos Enterprise Console 5.4.0. Further information can be found in article 117348.
For more information on how to perform these steps, refer to the Enterprise Console User manual and to your visualization solution’s documentation.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.