Last week Microsoft released serveral security updates and KB974571 broke our production OCS 2007 server at our  hosted environment. Serveral events were shown in the Systemlog:

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7038
Date:  10/17/2009
Time:  7:04:25 PM
User:  N/A
Computer: OCS
Description:
The RtcSrv service was unable to log on as domain\RTCService with the currently configured password due to the following error:
Logon failure: unknown user name or bad password. 

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7024
Date:  10/19/2009
Time:  8:52:23 AM
User:  N/A
Computer: OCS
Description:
The Office Communications Server Front-End service terminated with service-specific error 3286842403 (0xC3E93C23).

10/19/2009 5:37:19 AM OCS Server 1000 12290

The evaluation period for Microsoft Office Communications Server 2007 has expired. Please upgrade from the evaluation version to the full released version of the product.

Please make sure you don’t install the “MS09-056: Vulnerabilities in CryptoAPI could allow spoofing”  KB974571 until this problem has been fixed.

MS09-056: Vulnerabilities in CryptoAPI could allow spoofing:

Known issues that affect this security update

Services that are required by Communications Server are not started after you install this update and then restart a computer that is running any of the following versions of Communications Server:

  • Live Communications Server 2005 (LCS)
  • Live Communications Server 2005 SP1
  • Office Communications Server 2007 Enterprise edition (OCS)
  • Office Communications Server 2007 Standard edition
  • Office Communications Server 2007 R2 Enterprise edition
  • Office Communications Server 2007 R2 Standard edition
  • Office Communicator 2007 Evaluation version only*
  • Office Communicator 2007 R2 Evaluation version only*

When this problem occurs, the required services behave as if an expired trial version of the product is installed. This behavior affects the whole Communications Server enterprise that is hosted by the affected server or servers.

Microsoft is investigating this issue, and will determine the most appropriate way to address it. Customers who are not running OCS or LCS server are not affected by this known issue, and can safely ignore this issue.

Customers who have deployed the OCS or LCS product on a server should assess the risk that is involved to decide whether to install the security update on that server. These customers should revisit this Knowledge Base article often, because this article will be updated as soon as more information and a resolution are available.