Inconsistencies between Windows Updates and AU/SUS

From: Joe Dance (dancejoe_at_MOORE.SC.EDU)
Date: 09/23/04

  • Next message: Joe Dance: "Changed Firewall Policy in XP SP2" 
    Date:         Thu, 23 Sep 2004 11:50:33 -0400
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    Three problems have surfaced in relation to Windows Updates and Automatic
    Updates:

    1. We have noticed several times in recent weeks that, while Windows
    Updates will tell us we do not need any patches, the AU client is
    simultaneously telling us that we have patches to install. AU is configured
    to download patches from a SUS server. However, to avoid installation
    errors on new systems, we usually go to WU and install a 1-4 patches at a
    time.

    Previously, I noticed that AU/SUS sometimes provided patches a day or two
    before they became available via Windows Updates, but these recent incidents
    involve patches that have been out for a while. They should have shown up
    on Windows Update.

    2. Also, today, we were patching a Virtual Machine running Win2k Pro under
    VMWare, and the AU client notified us that we needed to install update
    824145 for IE5.01, despite the fact that the host and VM had already been
    upgraded to IE6SP1. And yes, update 824145 applies to all versions of
    IE5.x/6.x, but the listing in the AU notification panel normally reflects
    the currently installed version, not an older version.

    3. The AU notification applet on one machine has the checkboxes
    grayed-out - i.e., it will not allow a listed update to be de-selected. The
    machine in question has AU policies configured through GPEdit.msc. However,
    this behavior is not a related to any of the standard AU policies.

    Advice and suggestions are welcome. Money too.

    Joe Dance
    University of South Carolina 

    ---
[This E-mail scanned for viruses by Declude Virus]
-----
NTBugtraq Editor's Note:
Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you'll have to copy their email address out of the message and place it in your TO: field.
-----
  • Next message: Joe Dance: "Changed Firewall Policy in XP SP2"

    Relevant Pages

    • Re: DCOM access try after connecting the internet
      ... I have the same problem all patches etc. wish someone knew. ... i ran windows updates and installed all, ... are there seperate patches to install not picked up by running windows update? ... Those null sessions and the 10003 events ...
      (microsoft.public.security)
    • Problems Since Installing New Windows Updater Software
      ... I have my computer set to receive notification of critical Windows updates, ... When I went to install the update, ... For security reasons I obviously need to fix this. ...
      (microsoft.public.windowsxp.general)
    • Re: Patches/updates needed after SP2 install
      ... online again and get up-to-date with windows updates, ... format, install XP Pro SP2, then go online to get normal windows ... Get rest of patches. ... Install rest of software. ...
      (microsoft.public.windowsxp.setup_deployment)
    • Windows updates
      ... I choose to be notified for Windows updates but to manually download and install them. ... About twice per month I get a notification that a Windows update is available and do I want to download it. ...
      (microsoft.public.windowsxp.general)
    • Re: Install stops/freezes
      ... either the TechNet article that lists the update and the files ... HOW TO Download Windows Updates and Drivers from the Windows Update ... It works fine with the small patches, ... it often stops/freezes in the install stage (nothing ...
      (microsoft.public.windowsupdate)