Sophos apologized in a blog post and pointed to a knowledge base article, which included steps to help mitigate the non-existent 'outbreak': If you have Live Protection enabled, you should stop seeing these detections eventually as the files are now marked 'clean' in the Live Protection cloud.
If you do not have Live Protection enabled you will stop seeing the new detections once has been downloaded by your endpoints [released Wednesday evening.] Many antivirus solutions are cautious of their own software, simply because many viruses and malware attempt to disable the programs in a bid to circumvent the system and networks, allowing the malware to spread even further.
I just wanted to chime with my experiences in VMware View with Sophos End Point Protection 9.5 - yep we've been there and through upgrades and have come up with a decent process for deploying Sophos End Point Protection on VMware View snapshot clones without installing the entire EPP product on each machine after it's created to reduce the size of the linked clones and reduce management overhead on both sides.Formerly the day city editor of the nation’s largest afternoon newspaper and executive producer of Good Morning America, the CBS Morning News and Entertainment Tonight, Merlis conducts all our workshops.An effective presentation is a blend of agenda, materials and techniques; in other words, a performance.They previewed a v Shield appliance in Februrary... I hate that they won't answer any v Shield questions in their forum.--- Short version: I install and update the sophos agent on the master to ensure the newest ides are installed.Then I run a batch file I created to delete machine specific xml files and registry keys to sanitize the machine (see Sophos references below).
On the master VM: Run the attached batch file (Prep_Sophos.zip) which calls the included reg keys on the master VM to prep the machine for deployment right before you shut down the master for your deployment snapshot. For Example if you placed the in C:\Temp\Deploy Sophos\ you would put "C:\Temp\Deploy Sophos\install.bat" and then every VM created for that pool will finish the sophos customization without doing a full reinstall right after the machine is on the domain and synchronized.