The Engine does not support decrypting AES encryption within PDFs, hence issues an encrypted return code if StrongPDF is configured. A file can contain AES encrypted objects with the default password, even if a user has not set their own password to the file - which is likely to be what is happening in this case.
To explain the differences with 128bit-RC4 encrypted pdfs, Sophos can generally decrypt and scan them using the default key so no error is returned. So in summary, Sophos engine is likely to return ENCRYPTED for AES encryption within PDFs even when no password has been set.
It is correct that sophos cannot scan the object encrypted using AES, though sophos can still add detection for a malicious file, even if part of that file cannot be scanned for some reason. The error is only for the only AES encrypted object, additional parts of the file will be scanned though Sophos would not need to scan the whole PDF file in order to detect the PDF as viral.
In summery, Sophos will provide protection again any possible PDF threats. May I suggest if you have any concern about protection against future threats, it is always best to have second layer of AntiVIrus scanning which can run either on ESA appliances, mail server or end user client machines.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...