Computer Associates has confirmed that its eTrust Antivirus software crashed Windows Server 2003 systems last week, as a result of tagging an element of the server as malware.
The fault affected systems for several hours last Friday. The CA eTrust Antivirus 7.0, 7.1, and 8.0 packages were updated with a flawed definition file that wrongly defined Windows' LSASS service as the "Lassrv.b" virus.
As a result of quarantining the service's "lsass.exe" executable, the virus update caused servers to crash.
In an advisory, CA informs users how to get their servers back up and running. The software supplier says it has issued the 30.3.3056 definition file to replace and fix the wrong one.
Earlier this year security software vendor McAfee issued a similar “false positive” update, which among the applications it crashed was Microsoft Excel.
The CA advisory, headed “Why is my server crashing…”, can be found here:
Vote for your IT greats
Who have been the most influential people in IT in the past 40 years? The greatest organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?
Vote now at: www.computerweekly.com/ITgreats