Re: 2000 SP4 Released - Officially

knapier_at_CONNECTURE.NET
Date: 07/02/03

  • Next message: Collins, Thomas L: "Re: 2000 SP4 Released - Officially" 
    Date:         Wed, 2 Jul 2003 12:11:45 -0400
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    Russ: Resubmitting without the extra text as requested.

    I'm was not going to post this to the list because I was not sure I'd
    recommend it.
    However, what I did to remove most of autoupdate is not pretty but basicly
    works.
    You can do this via a couple different remote methods.

    Applying sp4 without autoupdate (sorry you can only remove it after the
    first boot after the sp installs)

    [preinstallation: modifiy the extracted sp4 files]
    step 1. Edit au.inf and comment out the registering of the core dll
    Please note that even though this file is listed in the checksum file, it
    does get installed. This will not stop wuau from getting installed, but
    will stop it post installation from getting re-installed later. The reason
    this gets installed reguardless is update.inf installs all the registration
    entries by hand, and does not use au.inf; and update.inf cannot be modified.
    [AU_regsvr_rule]
    ;11,,wuaueng.dll, 1 ; 1 means call DLLRegisterServer
    ; Commented out to not install autoupdate service

    [post sp4 installation]
    You will need to do this via a remote method such as
    sms,loginscripts,remotecmd, or any number of other ways. Personally I just
    used a little sms package along with a wise script
    I already had for sp3.

    step 2: net stop bits and wuau services)
    step 3: unregister wuaueng.dll; this will remove the service, but leave the
    control panel app, and basicly still leave it installed should you ever need
    it, you could simply re-register the dll. regsvr32 /u /s wuaueng.dll;
    regsvr32 /u /s wupdinfo.dll. Dont bother deleting as this are WFP protected
    files. (though you could do it if you truely wanted)

    step 4: Change the bits services to disabled.
    HKLM\System\CurrentControlSet\Services\BITS\Start
    ValueName: Start (DWORD)
    Value: 04 (disabled)

    Additionally I changed the "Imagepath" value to
    "%SystemRoot%\System32\svchost-REMOVE.exe -k BITSgroup" to ensure it is
    unable to start. If you like you could do this with the WUAU service as
    well, but then there is no need to unregister the wuaueng.dll. I prefer the
    unregister method personally.

    --Slipstream based fresh installation--
    This will stop it from getting installed via a fresh installation from a
    slipsteamed
    sp4 cd.

    step 1. Comment out the au.inf entry in i386\au.inf
    [AU_regsvr_rule]
    ;11,,wuaueng.dll, 1 ; 1 means call DLLRegisterServer
    ; Commented out to not install autoupdate service

    Believe it or not that's all you need to do for a new slipsteam install
    without autoupdate.

    Removeal Under win2003 enterprise (likely all versions)

    -post installation-
    Simply unregister wuaueng.dll; this version actually will cleanly uninstall
    itself.
    disable bits service.

    -installation from cd- (you will need to make a new cd, or install from the
    network)
    Same instructions as for a sp4 slipstream.

    Observation:
    I'm certainly no MS basher, but like many have mentioned before while
    windows patch management and distribution is better then that of about every
    other OS I've used it still is not where it needed to be. Windows Update is
    a great concept in general, however microsoft has a LONG way to go in making
    this work correctly, and making it configurable to an admins liking. There
    is no way in hell at this point in time I want my win2kservers or even the
    200 win2kpro clients at our organization connecting to the internet
    downloading patches and selfinstalling. By default WU in sp4 will only
    download the patches and not automaticly install them. But I ask the
    question, why must we waste all this bandwidth and drive space? (or so it's
    not that bad, but still it's a total waste) I have just started lookin into
    the SUS, as this method seems ALOT better, at least I can control what
    updates get made available. One thing to note with all this is I have not
    tested what happens when you apply SP4 to a client system that is using the
    SUS version. My assumption is there is no problem and it keeps your existing
    settings...but we all know about assumptions :). Also I have found no way
    to disable the automatic seach the web for drivers update mentioned in the
    sp4 EULA. The assumption there is that it uses windows update to do this,
    and if removed should fail.

    Lastly I'd call on microsoft to re-issue\update there sp4 installer to
    include yet another new switch to disable the file consistancy checks during
    the sp4 update so that admins can customise what we have done to our
    systems. I understand why they dont want to do that, but I have to ask? why
    suddenly was that added? If they will not do that they need to distribute a
    tool that will remove cleanly both BITS and WUAU from a windows2000 system,
    or at least provide a clean method of having it not install from the service
    pack. How about at least a KB article on how to rip it out? Thanks MS for
    once again causing another administrative headache. I praise Microsoft when
    deserved, but there autoupdate,activation, and in general trend of sticking
    there fingers into my systems is getting rather annoying.

    -Kevin

    btw: Anyone know how to remove the "windows update" toolbar option in IE?

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!

    With a growth rate exceeding 110%, the TICSA security practitioner
    certification is one of the hottest IT credentials available. And now, for
    a limited time, you can save 33% off of the TICSA certification exam! To
    learn more about the TICSA certification, and to register as a TICSA
    candidate online, just go to

    http://www.trusecure.com/offer/s0100/

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

  • Next message: Collins, Thomas L: "Re: 2000 SP4 Released - Officially"

    Relevant Pages

    • Re: NT 4.0 Option Pack on NT 4 SP 6
      ... Ignore the error and continue to install SP6a. ... > Windows Update until we had all the critical updates. ... > that Windows NT 4.0 SP4 or greater is installed on your machine. ... > up on the need to reapply SP6 and any hotfixes, ...
      (microsoft.public.inetserver.iis)
    • Re: Conflicting info between the global Security Bulletin and some SPi Security Bulletin
      ... According the Security Bulletin for the release of SP4, ... you will see that the updated patch was first included in SP3 ... and they install SP 4 when it come out. ... Then they elect to upgrade to WMP 7.1, but they use a download of the ...
      (microsoft.public.win2000.security)
    • Re: Conflicting info between the global Security Bulletin and some SPi Security Bulletin
      ... According the Security Bulletin for the release of SP4, ... you will see that the updated patch was first included in SP3 ... expect it to be included in SP4 and me NOT needed to install it on a W2K4. ...
      (microsoft.public.win2000.security)
    • Update.exe Application Error - with security updates
      ... having with two seperate notebooks running Windows ... When I click ok Windows Update indicates that the update ... problem before SP4 but was able to install SP4 via SAFE ...
      (microsoft.public.win2000.security)
    • Re: W2K SP4 Hosed our PC - Need Help !!!
      ... >>>>For most computers, a SP install will go well, but of course, some ... >>>>computers will get into trouble. ... >> I don't have exact numbers for the failure rate for our SP4 upgrades, ...
      (microsoft.public.win2000.general)