Microsoft 'Stealth Update' Proving Problematic
DaMan writes "According to the site WindowsSecrets, the stealth Update that Microsoft released back in August isn't quite as harmless as the company claims. The site's research has shown that when users try to do a repair to XP subsequent to the update, bad things happen. 'After using the repair option from an XP CD-ROM, Windows Update now downloads and installs the new 7.0.600.381 executable files. Some WU executables aren't registered with the operating system, preventing Windows Update from working as intended. This, in turn, prevents Microsoft's 80 latest patches from installing -- even if the patches successfully downloaded to the PC.' ZDNet's Hardware 2.0 has independently confirmed that this update adversely affects repaired XP installations: 'This issue highlights why it is vitally important that Microsoft doesn't release undocumented updates on the sly. Even the best tested update can have unpleasant side-effects, but if patches are documented properly and released in such a way that users (especially IT professionals) know they exist, it offers a necessary starting point for troubleshooting.'"
I've run into this and the fix isn't hard. (Score:4, Informative)
At the command prompt, type the following commands, press ENTER after each command, and then click OK every time that you receive a verification message:
regsvr32 wuapi.dll
regsvr32 wuaueng1.dll
regsvr32 wuaueng.dll
regsvr32 wucltui.dll
regsvr32 wups2.dll
regsvr32 wups.dll
regsvr32 wuweb.dll
Once that is done, you'll be able to use Microsoft Update again.
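An added example, not part of the comment above and not a Microsoft script: a batch file that runs the same seven regsvr32 registrations silently and reports any DLL that is missing or fails to register, so a partial failure is not lost among the OK dialogs. It assumes the DLLs are in %SystemRoot%\system32 and that it is run from an administrator account.

```batch
@echo off
rem Added example: re-register the Windows Update DLLs listed in the comment
rem above and report failures. Assumes the files live in %SystemRoot%\system32.
setlocal enabledelayedexpansion
set "FAILED="

for %%D in (wuapi.dll wuaueng1.dll wuaueng.dll wucltui.dll wups2.dll wups.dll wuweb.dll) do (
    if not exist "%SystemRoot%\system32\%%D" (
        rem A DLL that is absent cannot be registered; flag it separately.
        echo MISSING   %%D
        set "FAILED=!FAILED! %%D"
    ) else (
        rem /s suppresses the confirmation dialog; the exit code carries the result.
        regsvr32 /s "%SystemRoot%\system32\%%D"
        if errorlevel 1 (
            echo FAILED    %%D
            set "FAILED=!FAILED! %%D"
        ) else (
            echo OK        %%D
        )
    )
)

if defined FAILED (
    echo Not registered:!FAILED!
    exit /b 1
)
echo All Windows Update DLLs registered.
exit /b 0
```

A non-zero exit code from the script means at least one component is still unregistered and Windows Update is likely to keep failing at install time.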
Re:Why did no antivirus s/w pick this up? (Score:4, Informative)
2) For the few behavioral antivirus programs, my guess is that they're monitoring activity under some user accounts, and that they're not able to monitor activity of the "System" accounts and other special accounts.
Re:My experience (Score:3, Informative)
I can't speak to the internal reasons behind Windows' decision to include that feature (though I have a couple good guesses), but based on the number of people I know who think a backup is when the white lights come on at the back of the car, it's a much-needed feature. This is what backups are for, people. No matter what OS, a proper backup scenario would allow recovery from any problem like this. In the Linux world, due to plaintext config files and the modular nature of the system, you can even restore selective parts of the system and get back to a usable state pretty easily.
So to answer your question about system restore in Linux, just keep good backups of
Re:I've run into this and the fix isn't hard. (Score:3, Informative)
Go to http://windizupdate.com/ with a supported (non-IE) browser.
Once that is done, you'll never have to use Microsoft Update again.
That's something you can tell your grandmother over the phone.
That explains the trouble I had! (Score:2, Informative)
"This, in turn, prevents Microsoft's 80 latest patches from installing -- even if the patches successfully downloaded to the PC."
That's the trouble I had recently! A few weeks ago, a friend asked me to clean up three of her family computers that were crawling with spyware/adware, and trojans, as well as upgrade them from WinXP Home to WinXP Pro. I got them cleaned up fine, and did the upgrade. After booting to the desktop the first time, I ran Windows Update to grab the latest patches. On all three machines, WU would install some needed components, reboot, download all outstanding patches (approximately 80+), and then fail on the install on every single update.
Windows Update would NOT run without erroring out. It took me a few hours to realize I had to manually re-register all of the components for Windows Update, after which I also had to delete ALL of the downloaded patches, as well as all of the $NTUninstallKBXXXXX stuff.
Then again, maybe I just did the update wrong three times in a row?
Re:Why did no antivirus s/w pick this up? (Score:5, Informative)
And if antivirus s/w firms do not know systems programming, why do they exist at all? Looks like most anti-virus programs have been configured / patched NOT TO REPORT this particular stealth update... I cannot see any other logical explanation for this lapse
Like I mentioned, it seems that you have not ever been a Windows admin, nor have ever dealt with a large roll-out of a system patch.
Whether or not the AV program runs under a user process (highly unlikely) or a system process, it doesn't matter. You're ignoring what AV programs are looking for anyway. If a trusted process and service (Windows Update) is run by a trusted user (SYSTEM), the chances that the AV program is even going to log such activity are doubtful. As far as the AV program is concerned, the service (Windows Update) is doing its job...which in a way, it is. Windows Update has the control to change system files. No big secret there.
You seem to think that every time a system file gets updated by whatever process, that should be flagged and prevented. It's not some rogue program that is being run to update the files, it's the WU service that's on every single XP (and other MS OS's) machine out there.
Like I said, I'm not defending MS on this...no one I bitch about more. But to say that the AV companies have culpability on this, that's off the mark. A trusted Windows service did what it was built to do. Nothing to see here. Move along.
Re:Following your train of thought (Score:1, Informative)
More to the point, they don't need to. Software design being what it is, a project of even moderate complexity is guaranteed to have bugs. If it is in C++, it will most likely have buffer overflows or memory leaks. If it touches the network, there will be security issues. And if you have refined your product to the point where all obvious defects are eradicated, you can easily introduce more by adding a few features, supporting more or newer standards, or merging with another product.
So Microsoft can keep shipping updates indefinitely, even without intentionally introducing malicious code. And that won't change without a major improvement in software engineering or a major shift in consumer interest from new software to stable software.
Re: windows and linux problems (Score:3, Informative)