Apparently Sophos' IT security products Central Windows Endpoint, Home and Central Windows Server cannot cope with this year's leap year: Under certain conditions, the applications incorrectly display a warning message when visiting legitimate websites.
Advertisement
Leap year problem
The message states that the connection to an HTTPS website is not encrypted (see image) and attackers can record user input. This is fatal when logging into online banking, for example. The reason listed is an invalid certificate. But this is a false alarm.
The reason for this is most likely today's date. The IT protection solutions simply do not know February 29th and incorrectly classify the certificate as invalid during the handshake.
Requirements and solution
In a support post, those responsible write that the problem only occurs if the “SSL/TLS decryption of HTTPS websites” option is active in the Thread Protection settings. This setting is intended to protect against man-in-the-middle attacks. In addition, PCs equipped with the protection solutions must have been restarted today.
To avoid the bug, admins must deactivate the option. Sophos has also published a policy for endpoint and server that is intended to solve the problem. But these are only temporary workarounds. Announced software updates should then finally solve the problem. These should appear promptly. When exactly this will happen is currently unknown.
Admins can find further information about the incident in the support article.
(of the)