Re: Windows Update site

• Previous message: Bob Terry: "Windows Update site"
• Maybe in reply to: Bob Terry: "Windows Update site"
• Next in thread: Josiah DeWitt: "FW: Windows Update site"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Mon, 12 May 2003 22:26:05 -0400
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

FYI, many reports are coming in that the site is up as of 7:50pm Eastern. As of 10:20pm Eastern it was working on my W2K systems (SP3) but not working on WinXP SP1 systems (compared to MBSA.) See copy of Windows Update.log error messages at the bottom of this message.

Summary of answers in order of quantity of like replies;

#1 Date/Time are off.

Best response;

Check system date & time. In my experience, the major Windows Update trouble you describe was caused by wrong year setting. I've seen this on Win98-WinXP, using Windows update versions as recent as last month. A search through the kb articles last month gave links to re-download the Windows Update cabs, etc. but in each case I came across, the client had the wrong date/time, off by more than a year.

Another interesting note on the time issue, is that Windows Time Service generally will not set the clock if off by more than 12 hours. This could explain why WinXp can have the problem with time. Check the system log for W32time error events. If found, manually set the clock, restart the time service and run Windows Update.

Hope this helps, it's just based on the troubles I've seen,
Donovan Bernauer

#2 Site is down.

Best response;

Yes it is down, unless the same non-related error is happening to you and about 5000 machines over here...
Nick Staff

#3 Use HTTPS instead of HTTP.

Best response;

Had the same problem today on three new WinXP installs. I discovered that if you access Windows Update with https instead of http, it worked normally.

Actually that wasn't quite accurate. I found more XPsp1 machines where http isn't initially working with Windows Update (with IE6sp1), but if you access the site once via https://windowsupdate.microsoft.com once, it seems to fix the problem. After doing that, I am able to close IE, launch it again, and access WU successfully via the normal Tools menu option.
Matt Walters

#4 MS changing things.

Best response;

I actually sent a mail to MSRC this afternoon about this. They've migrated the SSL part of windowsupdate to a certificate that's originated from MS's new root CA - and the certificate you need to trust is included in one of the updates. WU dies because it doesn't trust the certificate and (rightly) refuses the content, but only reports an error in the %systemroot%\windowsupdate.log file. However, since there is now no root of trust back to Verisign (or anyone else) the whole concept of PKI and SSL is now invalidated - the way is paved for a DNS spoof of windowsupdate sending out spoofed MS Root CA certificates which would be installed and trusted by anyone visiting the site...

I've had a reply back from MSRC that they're looking into it, but nothing further yet. As and when I get a formal response, I'll post it to the list.
Chris Paget

#5 What problem?

Best response;

seems more odd that if you're doing a lot of them that you haven't configured an SUS server.
Craig Schultz

#6 many more one-off suggestions or tales of experience.

Contents of %systemroot%\Windows Update.log
-----
2003-05-12 22:18:11 02:18:11 Success IUCTL
        Starting
2003-05-12 22:18:11 02:18:11 Success IUCTL
        Downloaded iuident.cab from
        http://windowsupdate.microsoft.com/v4/ to
        C:\Program Files\WindowsUpdate\V4
2003-05-12 22:18:11 02:18:11 Success IUCTL
        Current iuengine.dll version: 5.4.3630.2550
2003-05-12 22:18:11 02:18:11 Success IUCTL
        Current iuctl.dll version: 5.4.3630.2550
2003-05-12 22:18:12 02:18:12 Success IUENGINE
        Starting
2003-05-12 22:18:12 02:18:12 Success IUCTL
        Windows Update Web Site has a valid address:
        http://v4.windowsupdate.microsoft.com/en/default.asp
2003-05-12 22:18:12 02:18:12 Success IUENGINE
        Determining machine configuration
2003-05-12 22:18:12 02:18:12 Success IUENGINE
        Determining machine configuration
2003-05-12 22:18:20 02:18:20 Error IUENGINE
        Querying software update catalog from
        https://v4.windowsupdate.microsoft.com/getmanifest.asp
        (Error 0x800C0008)
-----

Cheers,
Russ - NTBugtraq Editor

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
EXECUTIVE SEMINAR: "Information Security and the Disappearing Perimeter"

Join Peter S. Tippett, PhD, M.D., the industry's foremost authority on
network security, and TruSecure for a free breakfast seminar on "The Impact
of the Disappearing Perimeter." Learn how you can proactively protect your
organization against today's newest threats, including those from remote
users, business partners and wireless. To register, and to view the full
list of dates and cities, click below or call 1-888-396-8348.

http://www.trusecure.com/offer/s0096/

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

• Previous message: Bob Terry: "Windows Update site"
• Maybe in reply to: Bob Terry: "Windows Update site"
• Next in thread: Josiah DeWitt: "FW: Windows Update site"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]