Java 1.6.0_19  MD2withRSA is disabled issue

Similar Messages

• "MD2withRSA is disabled" error after Java upgrade

  Hi everyone,
  I have been using JRE 6 (with various updates) with Reflection for Web 4.5 for several months.
  However, when I try to run this from a URL now, I get the following error dialog appear:
  The publisher cannot be verified by a trusted source.
  Code will be treated as unsigned.
  sun.security.validator.ValidatorException: PKIX path validation failed:
  java.security.cert.CertPathValidatorException: algorithm check failed: MD2withRSA disabled
  This could be a problem with Update 17, I have tried Update 2 and Update 16 (after uninstalling Update 17) on the same machine and I do not get the error.
  Once I install update 17, I get the error again.
  With a newer version of (Reflection for Web 9.0), I do not get this error with Update 17.
  Has some low security mode been disabled with this latest version?
  Can I enable "MD2withRSA" somehow?
  Does anyone know how I can allow this to run, or flag it as a trusted source?
  Thank you,
  Chris

  I'm having the same issue trying to access the Lexmark printer web page. I don't want to install an older version of Java. Can anyone from Sun assist? Below is the error message I get:
  sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: algorithm check failed: MD2withRSA is disabled
       at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
       at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
       at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
       at sun.security.validator.Validator.validate(Unknown Source)
       at sun.security.validator.Validator.validate(Unknown Source)
       at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
       at sun.plugin2.applet.Plugin2ClassLoader.getPermissions(Unknown Source)
       at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
       at java.security.SecureClassLoader.defineClass(Unknown Source)
       at java.net.URLClassLoader.defineClass(Unknown Source)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
       at java.lang.reflect.Method.invoke(Unknown Source)
       at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source)
       at sun.plugin2.applet.Plugin2ClassLoader.access$400(Unknown Source)
       at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
       at java.security.AccessController.doPrivileged(Native Method)
       at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
       at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
       at java.lang.ClassLoader.loadClass(Unknown Source)
       at java.lang.ClassLoader.loadClass(Unknown Source)
       at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
       at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source)
       at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)
  Caused by: java.security.cert.CertPathValidatorException: algorithm check failed: MD2withRSA is disabled
       at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown Source)
       at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(Unknown Source)
       at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(Unknown Source)
       at java.security.cert.CertPathValidator.validate(Unknown Source)
       ... 26 more

• Just read "Best of Macworld" article "How to disable Java on your Mac," in email dated 2/25/13. I run OS 10.4.11 and Java 1.5.0_19. Do I remove/isolate the same way? Will the effects of removal/isolation the same as described in the article?

  Just read "Best of Macworld" article "How to disable Java on your Mac," in email dated 2/25/13. I'm a dinosaur running OS 10.4.11 and Java 1.5.0_19, which is earlier than the versions addressed in the article. Do I remove/isolate in the same manner? Will the effects of removal/isolation the same as described in the article?

  Hello, if you're talking about disabling Java in say Safari...
  Safari>Preferences>Security>uncheck/Disable Java in your Browser settings, not JavaScript.

• JDK 1.6.0_18 MD2withRSA is disabled exception

  Hi,
  Who knows what should be done to security certificates on the web-server to get rid of that exception.
  I am getting the exception, when trying to do SSL connection from Java to some secure web-sites using https
  protocol. I know that MD2 is not secure anymore and Sun disabled its use, but must they at least give some
  workarounds or heads up and explanations?!!! There is nothing in the Release notes and bug 6861062
  has mysteriously disappeared.
  Does anybody else has such problems? I am surprised that there is no big noise about this issue yet -
  only couple of posts and no answers.
  Verisign claims that their certificates are Ok, even though some roots are signed with md2RSA.
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: algorithm check failed: MD2withRSA is disabled
       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
  . . .

  Fandy44 wrote:
  Guys, read carefully the question! I don't need discussions here - I am asking for advice.So you are allowed to make fatuous comments but we are not allowed to comment on them. I've got some advice for you but it is against the forum COC for me to post them.
  There is no problem with the
  MD2 signature being insecure - the problem is that SUN has disabled MD2 support and gave no workarounds or release notes. Now the people who presumably has old certificates has their web-sites shut down. Verisign insist that their old
  certificates are OK Yet the consensus seem to say not. Would you prefer Sun to just ignore the consensus and ignore the problem?
  (https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AD146)
  - so who to blame?Why do you want anyone to be to blame? Every secure system ever devised probably has some flaw. Just look at the recent flaws found in the SSL/TLS renegotiation protocol.
  I guess - SUN, who did not test their patch with old Verisign certificates.Argh, so now we have it. Sun and not Verisign are to blame for Verisign having possibly insecure certificates.
  BTW, the old Verisign certificates may still have few years to expire!Since sites authenticated using these old certificates are potentially flawed I would have expected that anyone who has a certificates signed by them to be rushing out to get a new certificate. The cost is likely to be minimal when compared with the possible loss of business.
  Sorry I felt the need to comment on your comments. I won't do it again.
  Bye

• Smart update / My Oracle Support authentication &  MD2withRSA is disabled

  Greetings,
  We just installed OEM 11g R1 which uses WebLogic 10.3.2.0 using jdk1.6.0_20. We did an all in one install, i.e. 11g DB, WebLogic and OEM 11g R1 on the same OEL 5U5 x86-64 machine and OEM 11g R1 is up and running. The environment is not stable and I was informed that WebLogic must be update with patch WDJ7 using the smart update program, i.e. http://download.oracle.com/docs/cd/E15523_01/doc.1111/e14143/quickrefax.htm.
  When we try to authenticate to My Oracle Support with the smart update GUI we receive an error message "Unable to verify your status" and in the logs we see
  "javax.xml.rpc.ServiceException: Error processing WSDL document:
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: algorithm check failed: MD2withRSA is disabled"
  We found a similar post smart update not connecting to my oracle support that said an uninstall and reinstalled of WebLogic with a different JDK solved the smart update / My Oracle Support error.
  smart update not connecting to my oracle support
  Also:
  http://72.5.124.102/thread.jspa?messageID=10933260#10933260
  http://forums.sun.com/thread.jspa?threadID=5435040
  Could you please help us with a solution to patch WebLogic 10.3.2.0 using the smart update program with ? I'm not sure if uninstalling WebLogic and reinstalling WebLogic with a different JDK will break our OEM installation. Suggestions?
  Thank you in advance for your support!
  Respectfully,
  Roddy

  Hi,
  Do u hav a supporting license, If so there is a back door solution for this. Contact the oracle support and the them for patch "WDJ7". Copy the path of this .jar in your commonenv.sh file under +"WEBLOGIC_CLASSPATH"+.
  Restart the server and the patches would be installed.
  regards,
  Zeno

• The Java plugin has created a time unfriendly issue with my e-mail account, I can not open or send any e-mail without using this plugin, how can I eliminate this problem without dropping m. firefox?

  A few days ago I tried to e-mail a friend, when I started A box came up and it required me to add a plugin..Java. I contacted my e-mail courier and microsoft, they told me that is was a plugin from Mozilla Firefox. Since then I must go through Java to send or open an e-mail... this is NOT to my satisfaction, it takes too long for all of this to open and if it is not cleared , I am dropping Mozilla and going elsewhere. Why has this occurred? Is this a result of the last update? If so can I delete the last update and continue on the other version?
  == This happened ==
  Every time Firefox opened
  == last week

  Sorry, I have no idea what you mean by '''"The Java plugin has created a time unfriendly issue with my e-mail account, I can not open or send any e-mail without using this plugin,"'''.
  If you think your problem is caused by the Java plugin, you should visit the Java support forum for assistance.
  http://forum.java.sun.com/index.jspa
  If you could explain what you mean by '''"time unfriendly''' issue with my e-mail account", maybe we'll be able to help you solve that issue.
  It might be helpful for us if we knew exactly which web-mail provider you are using. It seems strange to me that viewing or sending web-mail would actually "need" Java for operation, its more likely that some other item on the web page needs Java to run some advertising or other garbage that isn't a necessary part of the web-mail functionality you want to use.

• EID3.0 Endeca Server SSL disable issue

  Hi,
  I have installed EID3.0 on our server and the SSL was enabled. I built page based on this Endeca Server and it worked well.
  For testing the Java Client call, I need to disable the SSL.
  Today I updated the config file "EndecaServer.properties" under path "MW_HOME/user_projects/domains/endeca_domain/config" as below:
  endeca-require-https=false
  endeca-webserver-port=7001
  endeca-secure-mode=false
  And remove the SSL setting in "MW_HOME/user_projects/domains/endeca_domain/config/config.xml"
  But when I restart the weblogic and run "./endeca-cmd list-dd", it throws error as below:
  endeca-cmd encountered a problem.
  caused by:
  Error contacting the Endeca Server localhost:7001: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Bad response: 503 Service Unavailable from url http://localhost:7001/endeca-server/ws/manage
  caused by:
  javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Bad response: 503 Service Unavailable from url http://localhost:7001/endeca-server/ws/manage
  caused by:
  javax.xml.soap.SOAPException: Bad response: 503 Service Unavailable from url http://localhost:7001/endeca-server/ws/manage
  caused by:
  Bad response: 503 Service Unavailable from url http://localhost:7001/endeca-server/ws/manage
  Anyone know how to disable SSL for EID3.0? Must I reinstall it again?

  Try also clearing the following two EndecaServer.properties:
  endeca-ds-cert-file=
  endeca-ds-ca-file=
  Also don't forget to review your EndecaCmd.properties settings.

• JSP generates error - thread.java:481 - Source code viewing is disabled

  I run IBM WebSphere 3.5.3 on a WinNT platform. When I try to run my JSP testpage (which is a normal HTML page with jsp extension) I get the error message:
  thread.java:481 - Source code viewing is disabled.
  What is this? What can I do to get it running?
  I have made the webapplication and application server and it seems to run fine.
  Thanks in advance.

  I thought I had done it correctly, but I must have missed out on something. I tried my jsp code in the "examples" folder and it worked there. I am now using the "examples" folder instead. Thanks for your reply :)

• Java Preferences always shows Enabled cannot disable

  I re-added the Java Preferences app on a clean install of Mountain Lion on my MacBook Pro.
  When I open Java Preferences, the "On" checkbox is always checked regardless if I uncheck it.
  In ~/Library/Preferences/com.apple.java.JavaPreferences... I see it setting JMEnanbled to 0 when I uncheck the box, but Java is still enabled!
  I want to be able to disable Java completely when I am not using it.
  I've searched and searched... I don't know that the issue is.
  Version is 14.3.0 of the Java Preferences app.
  On my MacBook Pro 2.4GHz Intel Core 2 Duo (early 2008)

  I installed Java when Illustrator CS6 prompted me (apparently it does a Java test, even though on other Mac --Mac Pro running 10.6.8 with Java disabled-- Illustrator doesn't use Java)...
  On my fresh install of Mt. Lion on my MacBook Pro, I installed the Java Preferences app from the OSX Installer > Packages > Java Essentials after CS6 had prompted me to install Java...
  The System Preferences does not have a Java item, which is weird... I am not sure why.
  I disabled Java in all the Web browsers (I wish that was a global setting for all users [I have two]).  I do have to enable Java on occassion for Facebook-Skype chat (yuck).
  So, the browsrs have Java disabled.  But the Java Preferences app always shows "Enabled / On" checked.  I thought had had turned it off (unchecked), but when launching CyberDuck, I see that it's still enabled with no way to turn it off.

• HT1212 iPhone4 6.1.3 Disabled issues

  Last week , I purchased an iPhone4 6.1.3. I HAVE NOT synced it with iTunes yet. I originally had is set for Setting, General , Passcode Lock 'ON' and used that passcode for one day. After that day, I didn't like the passcode as it was hard to type , a 4 digit code. I went back into settings, general, passcode lock and went to change my passcode.. as I was doing this , I noticed there was a way to make it alphanumeric.. started typing then thought this was not going to be user friendly, then went back to a 4 digit code and set a new password. After that, I got the passcode lock screen, then tried the original, then the new one I set it to.. neither one worked. I tried 0000 and 1111.. It locked the screen and had me try back in minutes, then 60 minutes.. etc.. until it DISABLED the phone. After it was disabled, I read online about how to recover the phone correctly from apple ( see link http://support.apple.com/kb/HT1212 ), . After following the directions to the T, and running the restore on my phone, it is STILL DISABLED , and I am not able to use my less than 1 week old phone. I am getting upset that after waiting for the restore in iTunes to run ( which , due to my slow connection, took 8-12 hours) - this was supposed to be the final answer for me. I am still not able to use my new phone. Please help! I am computer literate and have tried everything that is recommended. I noticed that there is another user with a similar issue ( see https://discussions.apple.com/thread/5156012?tstart=0 ). Is there another procedue to run? My wife has purchased and iPhone4 the same day and has had no issues. She has synced her phone on her side of our PC. Is there a way I can use her synced iPhone file to restore mine? I don't care if I wipe all my information off my phone as I have mo previous files, photos, etc.. even if it wipes my contacts.. I am good with that as well, my phone has the following information on the box - MD127LL/A iPhone 4 , Black , 8G - Model A1332 UPC 885909499458 m (1P) Oart No. MD127LL/A , (S) Serial No. DX*******P0N , Carrier Part No. 65488. My phone provider is AT&T. I purchased the phone about 8PM MST on July 3rd 2013. I used the phone that day, then locked it July 4th at about 9:30 pm, just in time for fireworks and haven't used it since. PLEASE HELP!! I noticed another comment not addressed on this as well - see https://discussions.apple.com/message/15901781#15901781.
  IF THIS IS POSTED FOR PUBLIC VIEW - PLEASE REMOVE MY PHONE SER# AND OTHER VITAL iPhone4 INFO... THANK YOU!
  <Personal Information Edited by Host>

  Last week , I purchased an iPhone4 6.1.3. I HAVE NOT synced it with iTunes yet. I originally had is set for Setting, General , Passcode Lock 'ON' and used that passcode for one day. After that day, I didn't like the passcode as it was hard to type , a 4 digit code. I went back into settings, general, passcode lock and went to change my passcode.. as I was doing this , I noticed there was a way to make it alphanumeric.. started typing then thought this was not going to be user friendly, then went back to a 4 digit code and set a new password. After that, I got the passcode lock screen, then tried the original, then the new one I set it to.. neither one worked. I tried 0000 and 1111.. It locked the screen and had me try back in minutes, then 60 minutes.. etc.. until it DISABLED the phone. After it was disabled, I read online about how to recover the phone correctly from apple ( see link http://support.apple.com/kb/HT1212 ), . After following the directions to the T, and running the restore on my phone, it is STILL DISABLED , and I am not able to use my less than 1 week old phone. I am getting upset that after waiting for the restore in iTunes to run ( which , due to my slow connection, took 8-12 hours) - this was supposed to be the final answer for me. I am still not able to use my new phone. Please help! I am computer literate and have tried everything that is recommended. I noticed that there is another user with a similar issue ( see https://discussions.apple.com/thread/5156012?tstart=0 ). Is there another procedue to run? My wife has purchased and iPhone4 the same day and has had no issues. She has synced her phone on her side of our PC. Is there a way I can use her synced iPhone file to restore mine? I don't care if I wipe all my information off my phone as I have mo previous files, photos, etc.. even if it wipes my contacts.. I am good with that as well, my phone has the following information on the box - MD127LL/A iPhone 4 , Black , 8G - Model A1332 UPC 885909499458 m (1P) Oart No. MD127LL/A , (S) Serial No. DX*******P0N , Carrier Part No. 65488. My phone provider is AT&T. I purchased the phone about 8PM MST on July 3rd 2013. I used the phone that day, then locked it July 4th at about 9:30 pm, just in time for fireworks and haven't used it since. PLEASE HELP!! I noticed another comment not addressed on this as well - see https://discussions.apple.com/message/15901781#15901781.
  IF THIS IS POSTED FOR PUBLIC VIEW - PLEASE REMOVE MY PHONE SER# AND OTHER VITAL iPhone4 INFO... THANK YOU!
  <Personal Information Edited by Host>

• Disable 'Issue Output To' in VF02

  Dear Expert,
  I have question on how to disable an Billing Invoice from issueing to output for printing in VF02, by checking whether the invoice has been marked cancel or not. If the invoice has been marked as cancel, it should not be able to print.
  I have been thinking of using USEREXIT_PRINT_HEAD for enhancement, but is this the correct userexit to use?
  How am I going to enhance by using this userexit if this is the correct one?

  Hi all,
  Thanks for replying.
  V05N0001 is a customer exit right? Is there any different between a user exit & a customer exit?
  I would like to disable printing 'issue output to' in VF02. Below is the scenario.
  Cancellation is applied on document header, once there is cancellation, all the item in the original invoice will be cancel. Thus, when user go to VF02 with the original invoice number, and click on u2018billing document > issue output tou2019 on title bar, system should disallow user to use the print button to print out the invoice.
  Regards, Jeff
  Edited by: Jeff Khoo on Dec 23, 2010 4:01 AM

• Two issues: Mail dotcom is now telling me to enable java in my browser and firefox has issues w/duckduckgo search engine. I am not allowed 2 instal DDG n search

  2 issues: After a windows update on 5 10 2012, maildotcom says I need to enable java in my browser, when as far as I can tell, it is.
  Second issue is, I am not able to add duckduckgo as my preferred search engine. I get a pop up in search tool add-ons that says "sorry, you need a Mozilla based browser to install a search plug in."
  Why and how can these irritations be fixed?

  '''''<u>NoScript</u>'''''<br />
  *To add a site to the NoScript "whitelist" ('''always allow''') --> when on the site, click the NoScript icon and choose "Allow ''site''"; the site will be placed on the NoScript Options > Whitelist (non-italicized).
  *If you click "Temporarily allow ''site''", the site will be allowed during the Firefox current session (until you close/exit Firefox) and will be placed on the NoScript Options > Whitelist (italicized) and will be removed from the whitelist when you close/exit Firefox.
  *NoScript Whitelist --> click the NoScript icon, choose Options, click the Whitelist tab
  '''''<u>DuckDuckGo</u>''''' (you probably would want 1 & 3 or 2 & 3)<br />
  #This adds a DDG '''toolbar''' and says it adds the "''encrypted (HTTPS / SSL) version of DuckDuckGo in your '''search bar'''"'' --> https://addons.mozilla.org/en-US/firefox/addon/duckduckgo-ssl/
  #You can '''add only an item to the Search Bar''' (without a toolbar) by choosing one of the items here --> http://mycroft.mozdev.org/search-engines.html?name=duckduckgo&opensearch=yes
  #You can '''change the Location Bar search''' (replacing the default Google search) by following these instructions --> http://ilias.ca/blog/2012/03/how-to-make-firefox-use-duckduckgo/
  This DDG page says there is some problem installing DDG plugins but does not explain the problem or who is responsible for fixing the issue
  *http://help.duckduckgo.com/customer/portal/articles/216441-firefox
  '''If this reply solves your problem, please click "Solved It" next to this reply when <u>signed-in</u> to the forum.'''
  Not related to your question, but...
  You may need to update some plug-ins. Check your plug-ins and update as necessary:
  *Plug-in check --> http://www.mozilla.org/en-US/plugincheck/
  *Adobe Shockwave for Director Netscape plug-in: [https://support.mozilla.org/en-US/kb/Using%20the%20Shockwave%20plugin%20with%20Firefox#w_installing-shockwave Installing ('''''or Updating''''') the Shockwave plugin with Firefox]
  *'''''Adobe PDF Plug-In For Firefox and Netscape''''': [https://support.mozilla.org/en-US/kb/Using%20the%20Adobe%20Reader%20plugin%20with%20Firefox#w_installing-and-updating-adobe-reader Installing/Updating Adobe Reader in Firefox]
  *Shockwave Flash (Adobe Flash or Flash): [https://support.mozilla.org/en-US/kb/Managing%20the%20Flash%20plugin#w_updating-flash Updating Flash in Firefox]
  *Next Generation Java Plug-in for Mozilla browsers: [https://support.mozilla.org/en-US/kb/Using%20the%20Java%20plugin%20with%20Firefox#w_installing-or-updating-java Installing or Updating Java in Firefox]

• Virus attack on page load thru Java plugin, which won't take "Disable" - re-enables itself - like a virus.

  As a page loaded, there were Java update popups. The virus went right past updated Avast & AdAware and immediately took over my PC. Spoofed an anti-virus app that needed "activation" (with my Credit card of course). After 3 days of scans & scrubbing that showed a dozen of so viruses & trojens (inc. in my restore pts), I want to disable Java until I need it on a trusted site.

  Does the ext directory have the php_oci8.dll? In the original steps the PHP dir is renamed. In the given php.in the extension_dir looks like it has been updated correctly. Since PHP distributes php_oci8.dll by default I reckon there would be a very good chance that the problem was somewhere else. Since this is an old thread I don't think we'll get much value from speculation.
  -- cj

• Publishing site and webpart disable issue

  I have installed SharePoint 2013 server and did the following.
  1. Created a web application
  2. Create a Site Collection
  3. Selected "Publishing" template
  4. Assigned "Site Collection Administrator"
  5. I then tried accessing root site through client browser http://portal.mydomain.com
  6. I went into the settings and selected "EDIT" to change the layout and changed into Two Columns layout and deleted default webparts except "Documents"
  Now when I want to add a webpart like i used to do in SharePoint 2010 nothing happens and it seems like the webpart button is disabled.  Here is the snapshot ..Please guide how to add webparts and what to do to bring the webparts dialogue like in 2010
  version.

  It seems there are issues with Internet Explorer default viewing compatibility. For those who are banging their heads with IE 9/10 ...here is the solution
  1. Access your site in Internet Explorer....
  2. Press F12 key (developer tools)
  3. do settings as below.
  Cheers!

• Ideapad u430p adaptive brightness disable issue

  Hello,
  I have an issue with turning adaptive brightness(brightness changes depending on what the screen is showing) off for u430p(both plugged and unplugged). I have tried it multiple ways:
  From intel control pannel,
  From services (disabled sensor)
  In power management I even have adaptive brightness off (both plugged and unplugged)
  If anyone found a fix for this particular model, please let me know. It drives me insane and don't know why they haven't made this option to be easily disabled.
  Thanks in advance.
  Solved!
  Go to Solution.

  Hi,
  I had the same issue, it was present on both linux and windows. The laptop came with BIOS 7CCN34WW and even though it is not mentioned in the changelog, upgrading to 7CCN61WW fixes the problem.