More on the latest variant of Petya/Petrwrap/Petyawrap ransomware outbreak here.
We'd love to hear about it! Click here to go to the product suggestion community
I am quite sure these are false positives.
When adding an image [.jpg or .png] to a case in the Salesforce Toolbar for Outlook it gives an alert for 'Exploit Cryptoguard'.
By going through the Root Cause analysis, the only programs effected are Outlook and the Salesforce toolbar. The only IP addresses are our mail server and the Salesforce.com IPs. and the only business files effected are the two jpg files the user is trying to attach. Does anyone have any idea how to stop this from happening?
Outlook is 2013 and 2007
In reply to Rich Billard:
why has this issue not been resolved yet?
I am seeing the same issue for one of our clients we recently added Sophos endpoint to. So far, it's only affecting one machine, but it is claiming C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE is a source of Cryptogaurd shortly after configuring the Salesforce toolbar. For now, we have added an exclusion for Outlook, but obviously this is not the best solution...
In reply to Adam Hoffman:
Excluding outlook is opening a massive security hole in your company.
Sophos needs to fix this.
Aditya ? any updates on this?
In reply to Aditya Patel:
Please escalate. This is critical functionality that needs to be addressed. Putting an exclusion on Outlook.exe pretty much makes the product useless.
In reply to Nathaniel Tully:
Sophos support has diminished to the point where i no longer think it exists.
I encourage anyone effected by this to open a ticket via phone, referencing this thread, and insist it be escalated, and re escalated . Also contact your sales reps.
This has been going on for 4 months now.
i have multiple issues with Cryptoguard none of which ever get any resolution.
Like..."whitelist outlook.exe" REALLY?
I'm experiencing the same issues with Salesforce for Outlook add-on for Outlook.
I've submitted smaples and files for Sophos to check - just waiting for some feed back.
Same problem here and impacting dozens of users. The exclusion in certainely not a long term option, considering the situations these days. Please Sophos, talk with saleforces.com and solve this.
In reply to Fabien Sauser:
this is still happening with each and every install of the salesforce toolbar i try to migrate to this Sophos product. I fully recommend everyone who is having this issue, open a support ticket and ride support until this is fixed. Escalate to your salesperson if needed.
Same issue for us. Was told to "add outlook.exe" to our exclusions list and then got sent to this pretty much unrelated link - https://community.sophos.com/kb/en-us/35970