"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
This article describes how to configure MIME Types for a WebCID (central installation directory) using Windows Server 2008 and IIS (Internet Information Services) 7.0 and 8.0.
If you need to configure MIME types on Windows 2003, and IIS version 6, refer to the relevant section in the knowledgebase article Sophos Anti-Virus for Windows: How to create a web CID.
Important: We recommend referring to this article at regular intervals as the list of MIME type extensions is subject to change.
Only files with extensions registered in the IIS 7.0/8.0 MIME type list will be served. All extensions must be listed, along with an accepted Content-type. (".txt" and "text/plain" for example). You will receive an HTTP Error 403.3 - Not Found error if the file extension is not allowed.
This is best practice, as all unknown extensions will be blocked by default, and you must explicitly whitelist an extension in order to allow access. (Please see http://learn.iis.net/ for more information).
Known to apply to the following Sophos product(s) and version(s) Sophos Anti-Virus for Mac OS XSophos Anti-Virus for Windows 2000+Sophos Anti-Virus for Linux
A MIME type for this file extension already exists
Note: This list is subject to change.
. .bom .bundle .conf .configuration .crl .crt .dat .gz .ide .icns .lproj .nib .pem .pkg .plist .png .rtf .rtfd .strings .tif .tiff .txt .upd .vdb .xml
Also see 64787 to configure bin directory, double extensions, and no extensions.
After configuring the necessary MIME types within IIS it is recommended that you check that a test client can successfully update from the web server. If there are problems you suspect are related to files not being delivered it is recommended you test downloading the files from the web server using a browser.
You may need to cross reference the log files of AutoUpdate and the IIS web server logs to establish the file or files that cannot be downloaded.
You can test the download of individual files from an internet browser by enabling Directory browsing, details are available here.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.