September 5, 2006 7:21 AM PDT
CA antivirus deletes Windows 2003 file
At the heart of the problem is part of Windows' built-in security, a file called Lsass.exe. This was wrongly detected as a virus by CA's eTrust software and was deleted, causing some servers to crash and fail to reboot.
CA, formerly known as Computer Associates, said that it quickly spotted and remedied the problem on Friday and also advised affected users to find out how to fix it.
The cause of the confusion seems to be Lsass.exe being mistaken for the Trojan Win32/Lassrv.B.
Lassrv.B was discovered in the wild on Aug. 24 and was rated as a very low threat. The problem for Windows 2003 and eTrust users occurred in a subsequent signature update from CA on Friday.
Will Sturgeon of Silicon.com reported from London.
12 commentsJoin the conversation! Add your comment