Windows XP retirement: reminder, Java support has also now ended

xp-retirementWe may yet be accused of “going on” about the recent retirement of XP, but we feel justified in doing so as any systems you have that are still running XP will become more vulnerable over time.

Last week we saw a reminder that Oracle will not be issuing an update to Java on XP on the 15th July when it releases its regular update.

When we asked SophosLabs what they thought about Java on XP and the change in support status, they said that Java had been hard work even for supported operating systems – and so with no support for Java on XP there was no prospect of it getting any better.

Continue reading

Windows XP retirement: What we recommend for security

xp-retirementFor many of you, Microsoft has retired your favorite operating system, XP. I say favorite since about 20% of the Windows PCs out there are still running some variant or other of XP, from Home through to embedded, and we don’t see that changing any time soon.

The vast majority of customers will by now have swapped out the systems where they are using XP as a standard desktop for something newer – probably Windows 7 or 8. Those that haven’t are possibly unaware of the risks or else have some kind of bespoke application installed that means that they cannot easily move to a later operating system.

The fact is that XP will no longer get updated (Microsoft released an update for IE including in XP after the end of support, but is not likely to do so again). Perhaps it will be seen by some as not important enough to warrant the investment in change. However, PCs now running XP are at a greater risk than ever of compromise – despite Sophos and other security vendors continuing to offer protection against malware.

Continue reading

New features available in PureMessage for UNIX v6.1

puremessageWe’re pleased to announce the availability of PureMessage for UNIX v6.1, including a number of new enhancements you – our customers and partners – have requested.

Of course, we encourage you to keep your PureMessage infrastructure up to date. Updating to the latest version gets you all the new features and technology improvements.

If you’re still running v5, we advise you to review the Getting Started Guide and plan your move to v6 at your earliest opportunity.

Continue reading

Sophos simplifies subscriptions and lifecycle for endpoint products

sophos-cloudIn order to make our endpoint products even easier to use, we have simplified the subscriptions in our on-premise management console (SEC) to make using Sophos engineering more efficient. Now, we will no longer be releasing all of our endpoint products together on a monthly basis.

Instead, we are separating the product and security updates and will deliver Windows, Mac and Linux individually, with more frequent security data updates, and less frequent software changes.

We’re sending more direct communications to our customers and partners over the coming weeks. In the meantime, you can take a look at a new set of knowledgebase articles that explain the changes and how things will work from now on.

Continue reading

Microsoft extends anti-malware for XP; Here’s why you still need to upgrade

microsoftMicrosoft announced on January 15th that it will extend updates to its anti-malware for Windows XP for another year. But as our security experts explain, the underlying facts of Microsoft’s planned retirement of XP in April have not changed, and you should still upgrade as soon as possible.

Once Microsoft officially ends support for XP on Patch Tuesday in April (the last security update for XP), there will be no new security updates, non-security fixes, assisted support options, or online technical content updates from Microsoft.

Continue reading

SophosLabs Threat Level moves to “High Risk” due to Microsoft zero-day threat

ZeroDaySophosLabs today raised the Threat Level to “High Risk,” due to a vulnerability in the Microsoft Graphics component that could allow remote code execution. The flaw affects Microsoft Windows, Microsoft Office, and Microsoft Lync.

Our High Risk designation means there is a strong possibility of this vulnerability being actively exploited by malware.

According to SophosLabs, Microsoft has yet to release a patch to fix this vulnerability. In the meantime, we recommend running the FixIt tool provided by Microsoft to block the vulnerability until a patch is released.

Continue reading

How Cryptolocker encrypts your files and extracts a ransom (Video demo)

ransomwareRecently we told you about how Sophos protects you from the nasty Cryptolocker ransomware. Now we’d like to give you a little demonstration of how it spreads, how it encrypts files, and how it extracts a ransom from its victims.

Our Support teams have put together a video demonstration (embedded below) that shows what Cryptolocker actually looks like and how it works.

Continue reading

Video: Introduction to the Sophos Mobile Control 3.5 web front-end

Sophos Mobile ControlWith the release of Sophos Mobile Control 3.5, we’ve added some new features and functionality, and updated the web front-end. Whether you’re an admin with experience using previous versions of SMC, or it’s entirely new to you, our latest helpful training video gives you a detailed look at the web console and how to use it.

Here at Sophos Global Support Services, we want to make it easy for you to understand our products and how to use them effectively. In the Support section of our website, you can find other resources about SMC.

Watch the video below:

Continue reading

Introducing Threat Awareness: Join the newest SophosTalk community

chaticonGreat news, Sophos friends. Starting today, we’ve launched a new Threat Awareness forum as part of our SophosTalk online community.

Threat Awareness is different from our other support and product forums. It’s a place where you can talk about threats and attacks you’ve experienced, and ask for help. Members can make comments, ask questions and offer advice.

We’re interested in hearing about malware, spam, potentially unwanted applications—anything that’s out there and seeking to compromise security. What was the threat, and what did it try to do? How was it cleaned up?

Continue reading