Experts with SANS warned last week that administrators were experiencing Windows 2003 server crashes after updating with a defective signature for CA's eTrust software that identifies Lsass.exe files as the Lassrv-B Trojan.
The crashes were caused by the deletion of the LSASS Windows Service component by the software, which also prevented administrators from rebooting.
"It seems that CA accidentally flagged Lsass.exe as a bad file," wrote Joel Esler of SANS. "(It is) reminiscent of the McAfee .xls debacle of not too long ago."
CA issued a fixed update, but some businesses are still dealing with systems disabled by the initial problem. Both CA and Microsoft have published advisories with instructions to restore Windows 2003 systems.
_(22).jpg&h=140&w=231&c=1&s=0)
_(20).jpg&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
