The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Does Sophos Anti-Virus treat password protected Microsoft Office documents as encrypted?
Yes, for most Microsoft Office file types, Sophos Anti-Virus detects that the file contains encrypted parts.
However, Sophos Anti-Virus will scan anything given to it, regardless of whether it thinks it is encrypted or not. It will scan 'encrypted' messages to the best of its ability. For example, a message may have many parts or attachments, only some of which are unscannable or encrypted.
Sophos Anti-Virus scanning considers any message or attachment that is password protected to be "encrypted." The Sophos engine does not attempt to identify messages that are PGP or S/MIME encrypted.
The anti-virus scanner will look for virus patterns, but if the virus portion has been encrypted, the virus may or may not match any known virus patterns. Therefore it is prudent to treat encrypted messages with caution and re-scan at the desktop where decryption is possible.
If you have a policy to allow encrypted messages to pass through into the email network, you may want to tag the subject lines so that recipients are aware that the message was not completely scanned. An alternative to passing these messages through is to quarantine them in a system quarantine.