Experts with SANS warned last week that administrators were experiencing Windows 2003 server crashes after updating with a defective signature for CA's eTrust software that identifies Lsass.exe files as the Lassrv-B Trojan.
The crashes were caused by the deletion of the LSASS Windows Service component by the software, which also prevented administrators from rebooting.
"It seems that CA accidentally flagged Lsass.exe as a bad file," wrote Joel Esler of SANS. "(It is) reminiscent of the McAfee .xls debacle of not too long ago."
CA issued a fixed update, but some businesses are still dealing with systems disabled by the initial problem. Both CA and Microsoft have published advisories with instructions to restore Windows 2003 systems.
_(36).jpg&h=140&w=231&c=1&s=0)
_(39).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Data & AI Edition
.png&w=120&c=1&s=0)
iTnews Cloud Covered Breakfast Summit
iTnews State of Security Breakfast
The 2026 iAwards
.jpg&w=120&c=1&s=0)
Integrate 2026
_(1).jpg&h=140&w=231&c=1&s=0)
