Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 12 replies
  • Answers 1 answer
  • Subscribers 18 subscribers
  • Views 30222 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Central blocking https://login.microsoftonline.com' due to category 'Spyware'

balletbob

Hi,

 

We had Office 365 services unavailable all day and have just figured out Sophos Central was incorrectly blocking login.microsoftonline.com' due to category 'Spyware' .

Just thought I'd mention it in case anyone else was having the same issue.

 

I've just manually updated the signatures on a computer and it's not resolved.

 

Anyone know how I can force update all the clients? I can't see how to do this from the console.

 

Is there a command line I can throw at all the computers with my own systems management tool?

 

Thanks

 

Damien



This thread was automatically locked due to age.
  • 0

    Same here... put in exceptions until Sophos send a fix.

  • 0

    In Web Control add the Exemption to Allow the Office https://login.microsoftonline.com Website. That should work. 

    Until we get an RCA from Sophos we need to apply this fix

  • +1

    Hi  

    The reported site is now re-categorized and it shouldn't be blocked anymore. If you still see the issue appearing , please try clearing the browser caches and then retry it.

    Hope it helps.

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Gowtham Mani

    What processes are in place to prevent such an issue impacting customers again?  Blocking MS meant our staff couldn't work the entire time.  It's a big screw up, please address what happened, how the site was mistakenly added, and what process is in place to prevent issues like this.  Just saying "we fixed it" isn't enough.  I have management to answer to and explain the tickets we got and loss of production were caused by Sophos.  

     

    Seriously, the lackadaisical Sophos attitude when their mistakes impact customer production is unacceptable.   We need to know what happened and what is done to prevent it from happening again.  We can't just "oh well, guess that happened!  Hope it doesn't happen again!" our way through these Sophos problems.  

  • 0 in reply to David Laufnick

    I myself would like to here some answers from management @ Sophos!

    I have to explain what happened to my managers as well.

    so is there any change control/management in place now ? is there any error prevention method for maybe some important site?

    what if next time you block google.com?! 

    what exactly has been done so far ?

     

     

     

     

     

  • 0

    Happened to us as well ! This is unacceptable ! How can such a popular website be categorised as 'Spyware' !

    This affected business operations nation wide for us !

     

    We need more than just 'We fixed it' type responses from Sophos. As it stands, installing Sophos products on computers causes us more pain / grief and downtime than any virus would !

  • 0 in reply to jazzoberoi

    It happened not only to that website. Many other popular website are in wrong categories.

  • 0 in reply to Gowtham Mani

    Hi Gowtham 

    just out of curiosity ? how does it work here ? you grab the comments and talk to your manager and give us feedback? or 

    this is just public forum with no response from the vendor itself?

    Im just new here and trying to understand why did I drop some serious money for some enterprise product in which we get

    no explanation at all!?

     

  • 0 in reply to arjjj

    Actually, there was a point where they blocked Google (and many other) sites.  All we ever got was a mea culpa from Sophos.  No apology and clearly no long term fix.  This company needs to step up to the Enterprise level and stop failing its customers.

  • 0

    Hello everyone. We’re sorry.  We regret any inconvenience to you or your customers caused by this incident.  We take issues like these very seriously and have made a number of significant changes to our processes and those of our supplier to insure that this doesn’t happen again. We have thoroughly reviewed the root cause analysis of this incident and for security reasons we don’t plan to publish it broadly. Please contact Sophos Support if you require an RCA.

    SureWin

Unfiltered HTML