Is something different going on with Sophos Central and Endpoint client installation files?

I logged into Sophos Central to add another Endpoint Device and a couple of things are different this morning.


1) the Sophos Cloud two-factor confirmation code SMS message came from a different source than previously. This time it was a standard phone number listed as a T-Mobile VOIP number. I checked the URL and it is correct and the certificate is correctly set for via Amazon/Amazon Root CA 1.

2) After downloading the Endpoint installer, Microsoft Defender immediately flagged it as containing a virus. This has not happened previously over the last week.

Just seemed unusual to me. I have not installed it as I am questioning what is going on.

Anyone else have any issues?

Thanks, Gary

  • Hi  

    There are no such reported issues as of now. What is the notification that you have received that the file contains virus? 

  • In reply to Shweta:

    I did not indicate the specific virus signature. However, I have since gone back and downloaded again this time using IE (last time I used Edge). It did not complain. I manually scanned it with Defender and it passed. So, I guess it was just a weird deal.

    It looks like the the MFA is using random SMS numbers to send the codes now - previously it was always from the same source. Just the two things simultaneously caused me to make sure there was no issues.