So, we have started seeing these messages:
--------------------------------------------------------------------------------------------
Sophos Central Event Details for *****
What happened: We detected a potentially unwanted application (PUA) on a computer. PUAs are not malicious but are often considered unsuitable for corporate networks.
Where it happened: *****
Path: C:\Windows\System32\mictray64.exe
What was detected: Conexant MicTray Keylogger
User associated with device: *****
How severe it is: Medium
What Sophos has done so far: We blocked access to the PUA.
What you need to do: In the Sophos Central Admin console, go to the Alerts page. Select the PUA alert. To remove the PUA, click Clean up PUA(s). If you want to let it run, click Authorize PUA(s). Authorize PUAs will apply to all your computers, not just the one in this alert.
--------------------------------------------------------------------------------------------
It is only detecting on a small handful of our computers, but we have a large number using the 'defective' driver. How can we be sure all the affected computers have been protected?
This thread was automatically locked due to age.
