October 15 Update: Main blog post has been updated to reflect the addition of Known Issues in the patch article  http://support.microsoft.com/kb/974571

 

Please be notified of this issue http://communicationsserverteam.com/archive/2009/10/14/632.aspx

------------------------------------------------------------------------------

We need to alert you to an issue that is under investigation with the applying of KB974571 (MS09-056: Vulnerabilities in CryptoAPI could allow spoofing) that will cause the LCS or OCS server to show running with the evaluation version and then noting it as expired.

 

The post below provides a great write up for reference and for the sake of those using a reader I will also reproduce that content.

-----------------------------------------------------------------------------------

Doug’s link and post content

http://blogs.technet.com/dodeitte/archive/2009/10/13/do-not-apply-kb974571-to-lcs-ocs-servers.aspx

Update #1 - Until this issue can be resolved, I am only suggesting that you either hold off on deploying this update, or test very throughly to make sure that this won't cause an outage in your environment.  Security updates are VERY important, and once this issue is resolved, you should deploy this update to all of your LCS/OCS servers.

Currently an issue is being observed after applying KB974571 (MS09-056: Vulnerabilities in CryptoAPI could allow spoofing) to LCS/OCS servers, that is causing them to believe that they are running an evaluation version of LCS/OCS and that it has expired.

http://support.microsoft.com/kb/974571/

If you apply the patch, the LCS/OCS services fail to start and you see these errors in the event log:

Event Type:        Error
Event Source:    Live Communications Server
Event Category:                (1000)
Event ID:              12290
Date:                     10/13/2009
Time:                     8:28:57 PM
User:                     N/A
Computer:         
Description:
The evaluation period for Microsoft Office Live Communication Server 2005 has expired. Obtain the released version of this product and upgrade to the non-evaluation version by running setup.exe

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:        Error
Event Source:    Live Communications Server
Event Category:                (1000)
Event ID:              16417
Date:                     10/13/2009
Time:                     8:28:57 PM
User:                     N/A
Computer:         
Description:
Unable to initialize the protocol stack. The service has to stop.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:        Error
Event Source:    Live Communications Server
Event Category:                (1000)
Event ID:              12299
Date:                     10/13/2009
Time:                     8:28:57 PM
User:                     N/A
Computer:         
Description:
The service is shutting down due to an internal error.

Error Code: 0xC3ED0804.
Resolution:
Check the previous event log entries and resolve them. Restart the server. If the problem persists contact product support.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Uninstalling the patch is the only way to currently fix this issue.

The issue is currently being escalated, but until a fix can be found, delaying the install of KB974571 is recommended.