Windows Update - My favorite topic
From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 07/09/03
- Previous message: Brett Moore: "Re: Windows Media Services Remote Command Execution #2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 9 Jul 2003 08:53:16 -0400 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
So I happened to need one of my test machines today. Its been powered off for a week or so. It had Windows 2000 Server with SP3 installed on it. I wanted to make sure it was up-to-date for everything except SP4 and IE 6.0. So, after the logon screen was gone, I went to Windows Update and scanned. 26 critical updates and 10 Windows 2000 updates, hrmmm.
I deselected IE 6.0 SP1 and W2K SP4, and told it to proceed. Its a P2-300, so it took a little while (32MB). I got the prompt to reboot, and logged in again.
While doing some checking I then got one of those annoying cartoon balloons telling me "New Updates are ready to install", from the Automatic Updates icon in the system tray. Hmm, what's this?? I had a look, and it had all of the stuff I had just gotten from Windows Update manually. Hmm, what's this?? So I went back to Windows Update and, to my surprise, it told me I had 26 critical updates and 10 Windows 2000 updates. Hmm, what's this??
So I told Automatic Updates to install them, again! It did, and after I rebooted and logged in again I went back to WU and it told me I had 2 critical updates (the IE6 and SP4 packages) and 10 W2K updates.
All of this gets logged in the Windows Update.log file, but unfortunately there's no indication in the log as to what happens at WU manually, automatically, or via Automatic Updates (that I can determine.) The log says I can look at "IUHIST.XML" for details, but that file doesn't exist.
Sure seems to me that Automatic Updates should've known what I did at WU (since, after all, they share the same log file.) While the downloads don't appear to have happened twice, its hard to know. Maybe Automatic Updates just doesn't record in the Windows Update.log file when it pre-downloads hotfixes (the way it does when you go to WU manually.)
There definitely appears to be a problem between the two processes.
Probably should be noted that the machine in question did not have 329553 installed, which is a WU update to itself that fixes new device driver detection.
Cheers,
Russ - NTBugtraq Editor
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!
With a growth rate exceeding 110%, the TICSA security practitioner
certification is one of the hottest IT credentials available. And now, for
a limited time, you can save 33% off of the TICSA certification exam! To
learn more about the TICSA certification, and to register as a TICSA
candidate online, just go to
http://www.trusecure.com/offer/s0100/
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Previous message: Brett Moore: "Re: Windows Media Services Remote Command Execution #2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
