We are not very fond of Sophos resetting UAC, IE Security Zone settings etc during remediation.
I'm aware of https://community.sophos.com/kb/en-us/118583
I found the following additional information online that reportedly fixes this issue:
From Sophos support, here are the steps to disable and enable threat remediation:
Disabling threat remediation
Open Regedit and navigate to the following location:
32-bit: HKLMSoftwareSophosSAVServiceApplication
64-bit: HKLMSoftwareWOW6432NodeSophosSAVServiceApplication
Create a Key at this location called: CCOverride
Threat remediation is now disabled.
We are using the Sophos Console 5.5 and Sophos Endpoint Security 10.7.
Does the CCOverride setting apply to these products?
Does CCOverride setting only affect the resetting of Windows options or does it also disable other threat remediations?
Why doesn't the product have an option in the AV policy to control this? 'enforce resetting of Windows security settings' or 'not to enforce resetting of Windows security settings'
This thread was automatically locked due to age.