Re: APC Powerchute software - expired Java Runtime certificate has detrimental effect on Win2k / Win2k3 and SBS Servers
From: William (Bill) Hobson (b-hobson_at_TAMU.EDU)
Date: Mon, 22 Aug 2005 11:46:30 -0500 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
This problem can be worse than the problems that Michael had. We patched
an Exchange 2003 server and rebooted it and it refused to boot. We wound
up booting in safe mode and disabling the APC service to get it to boot.
This happened only after three hours of frustrating testing to try and
figure out why until one of us remembered that he had seen something
about the APC problem.
This one problem caused more down time than we have had on our email
servers in the last three years combined! Shame on APC!
William J. (Bill) Hobson
Senior Networked Systems Administrator I
Information Security Officer
Network and Computing Support Services
Texas Engineering Experiment Station
321 Wisenbaker Engineering Research Center
College Station, TX 77843-3124
Office: (979) 845-5808
FAX: (979) 862-1185
From: Windows NTBugtraq Mailing List
[mailto:NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM] On Behalf Of Michael Banjac
Sent: Friday, August 12, 2005 2:02 AM
Subject: APC Powerchute software - expired Java Runtime certificate has
detrimental effect on Win2k / Win2k3 and SBS Servers
This week, we were baffled by a significant number of our managed client
servers falling like dominos, each one exhibiting the same symptoms.
Essentially, the consoles were dead or dead slow....couldn't open
control panel or network properties, explorer was crashing (no desktop),
IE was non responsive. Restart the server and the exact same symptoms
reappear. Accessing the admin console across the network via RDP made
no difference. At first sight, we were reasonably confident that the
Server had been hijacked or hit by a virus.
-- NTBugtraq Editor's Note: Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered. --