Microsoft Windows

Exponential Algorithm In Windows Update Slowing XP Machines

Posted by samzenpus
from the no-pep-in-your-step dept.
jones_supa writes "An interesting bug regarding update dependency calculation has been found in Windows XP. By design, machines using Windows Update retrieve patch information from Microsoft's update servers (or possibly WSUS in a company setting). That patch information contains information about each patch: what software it applies to and, critically, what historic patch or patches the current patch supersedes. Unfortunately, the Windows Update client components used an algorithm with exponential scaling when processing these lists. Each additional superseded patch would double the time taken to process the list. With the operating system now very old, those lists have grown long, sometimes to 40 or more items. On a new machine, that processing appeared to be almost instantaneous. It is now very slow. After starting the system, svchost.exe is chewing up the entire processor, sometimes for an hour or more at a time. Wait long enough after booting and the machine will eventually return to normalcy. Microsoft thought that it had this problem fixed in November's Patch Tuesday update after it culled the supersedence lists. That update didn't appear to fix the problem. The company thought that its December update would also provide a solution, with even more aggressive culling. That didn't seem to help either. For one reason or another, Microsoft's test scenarios for the patches didn't reflect the experience of real Windows XP machines."
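A toy model of the scaling described in the summary, added here as an illustration and not Microsoft's code or part of the original post. It assumes each patch lists every earlier patch in its chain as superseded and that the naive resolver re-expands each listed patch without remembering earlier results; all function names are hypothetical.

```python
"""Toy model of supersedence resolution (constructed data, not Microsoft's code)."""


def build_chain(n):
    # Constructed metadata: patch k lists every earlier patch 1..k-1 as superseded.
    return {k: list(range(1, k)) for k in range(1, n + 1)}


def naive_closure(meta, patch, visits):
    # Re-expands every listed patch from scratch, so shared history is
    # walked again on each path that reaches it.
    visits[0] += 1
    closure = set()
    for old in meta[patch]:
        closure.add(old)
        closure |= naive_closure(meta, old, visits)
    return closure


def memo_closure(meta, patch, visits, cache):
    # Same result, but each patch is expanded once and then reused.
    if patch in cache:
        return cache[patch]
    visits[0] += 1
    closure = set()
    for old in meta[patch]:
        closure.add(old)
        closure |= memo_closure(meta, old, visits, cache)
    cache[patch] = closure
    return closure


def compare(n):
    # Returns (naive expansions, memoised expansions) for a chain of n patches.
    meta = build_chain(n)
    naive, memo = [0], [0]
    full = naive_closure(meta, n, naive)
    assert full == memo_closure(meta, n, memo, {})
    return naive[0], memo[0]


def projected_naive_visits(n):
    # Closed form for this model: T(n) = 1 + T(1) + ... + T(n-1) = 2**(n-1).
    return 2 ** (n - 1)


if __name__ == "__main__":
    for n in (5, 10, 15, 18):
        print(n, compare(n))
    print("40-entry chain, naive expansions:", projected_naive_visits(40))
```

In this model every extra entry in the chain doubles the naive expansion count, while the memoised walk grows by one, which is why culling a few entries from a 40-item list only shaves a constant factor off the work.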
  • On purpose? (Score:5, Interesting)

    by wjcofkc (964165) on Monday December 16, 2013 @06:06PM (#45708429)
    I'm really not sure if I would put it past MS or not to do this intentionally and leave it unfixed while reporting (lying) about trying to fix it in order to force the death of XP on schedule. It seems too obvious.
  • by Anonymous Coward on Monday December 16, 2013 @06:11PM (#45708493)

    The dependency system in dpkg has been shown to be powerful enough to express sudoku puzzles which then APT has to solve to resolve conflicts. Technically still potentially exponential with improper use (I trust Microsoft would find some such non-working model reliably).

  • by bmajik (96670) on Monday December 16, 2013 @06:30PM (#45708685) Homepage Journal

    one thing you can do to fix this is the following

    sc config wuauserv type= own

    (the space between "type=" and "own" is important)

    this tells the service manager to put windows update service (WUAUserv) into its own hosting process, e.g. a new/separate instance of svchost.exe

    Another service that can be implicated in updates is the "BITS" service. You can use the same command to isolate it also.

    Anytime I see a svchost.exe instance misbehaving I start isolating the services inside it and then seeing which individual service is being problematic.

  • by ewhac (5844) on Monday December 16, 2013 @07:20PM (#45709267) Homepage Journal
    I couldn't tell you why, but I haven't (yet) observed the described behavior on my XP system. The auto-updater usually settles down in a matter of minutes.

    No. In my case, it's trying to apply the .NET updates that completely murders my system. Apparently MS wants a gigabyte or so of free disk space on C:\ (and nowhere else) or the update will fail miserably. As it happens, my system partition has about 200MB free space, so the update disappears down a rabbit hole and never completes.

    I used to think it was because it needed a bunch of temporary disk space, so last night I changed the TMP and TEMP environment variables to point to a volume with tons of free space, rebooted (because, you know, it's Windows), set just one of the several .NET updates running, then went off to see The Hobbit. When I returned some three hours later, the update had hung, the disk was idle, C:\ had zero bytes free, and the system log was corrupted.

    Honestly, I don't know why anyone continues to be surprised by Redmond's rank incompetence...


  • by bmajik (96670) on Monday December 16, 2013 @07:25PM (#45709331) Homepage Journal


    However, one difference between how I work now vs. how I worked 20 years ago, is that now I am invariably working on somebody else's machine.

    Once upon a time, I used to spend lots of time changing my settings, making customizations to the environment, installing all kinds of tools that made my life easier.

    However, a large portion of my time is spent investigating situations that aren't on my own workstations. Either lab machines or other people's environments.

    I don't want to be paralyzed when I need to work out of my environment. And so I tend not to invest in or assume the presence of tools that aren't strictly necessary to do a particular task.

    This is especially true when there are workable tools included in the default software distribution. So, in the case of isolating bad services, using sc.exe is perfectly sufficient. I know it's going to be there and it's going to work.

    About the only basic productivity tools I frequently install any more on a windows machine are gvim and fiddler, and if the IE F12 tools were just a little bit better, I might be able to stop depending on Fiddler....

  • by BronsCon (927697) on Monday December 16, 2013 @09:51PM (#45710463) Journal
    How much, exactly, would you charge for a fully functioning OS and a steady stream of updates until the end of time? I'd like to see the math on this.
  • by Luckyo (1726890) on Monday December 16, 2013 @10:01PM (#45710547)

    Proper software firewall, hand built firewall security policy i.e. all ports stealthed, nothing goes in or out without asking (important as it enables you to see if you do get hit regardless of everything else). Essentially machine is autistic to the internet unless there's software running on it that is asking for connection. This weeds out most of the problems.
    I followed up by going through process list and weeding out everything I didn't need. The windows notification process to (dysfunctional) WAU and so on. If it's not needed, disable it, as it's a potential vector.
    Use a decent block list. I used peerguardian's malware/known botnet blocklist. It severely cuts down on number of potential infection sources and again, it lets you spot a potential threat that has gotten through as such software would likely start hitting known botnet addresses for control information.
    Sane antivirus. Specifically one that isn't too sensitive, but isn't too aggressive. Check everything with it.
    Reasonably updated internet facing software. That's browser, mail software and so on. It may also help to sandbox these with something like sandboxie (I didn't bother because I kept them up to date and felt that was enough, now that I no longer do so on this machine I sandbox the browser and email software).

    Effectively a mix of sane security policy, locked down machine and common sense. What most people appear to not understand on /. is that windows being vulnerable isn't the end of the world, nor is it a guarantee of infection. You still need an infection vector and infection source in addition to vulnerability to get infected, and locking those down is often enough, as long as you're not someone like Valve who is going to get hit by specifically tailored directed attack, you're going to be fine. Or at least much better off than someone who's all updated but doesn't secure infection vectors or infection sources.

  • Planned obsolescence (Score:4, Interesting)

    by h00manist (800926) on Monday December 16, 2013 @10:44PM (#45710775) Journal

    "Tried" several times to patch an error but "couldn't". "Coincidence" that it is planning to retire the platform. Smells a lot like planned obsolescence. Helps sell more junk products that become useless faster. Buy a new one!

  • Re:No Sympathy (Score:5, Interesting)

    by localroger (258128) on Monday December 16, 2013 @11:16PM (#45710913) Homepage
    This is really unrealistic. What if the original hardware supplier is out of business or has discontinued the product line? The supply chain for many industrial systems of this type can be 10 levels deep, and it's simply impossible (unless you make the kind of hyper-expensive arrangements the military does so that they can keep 50's era computers running today) for contractors in that chain to do as you suggest. Commodity computers are so powerful and cheap with such ubiquitous development tools and talent that it's hard for suppliers to ignore what's available just because traditional ideas of longevity can't be trusted.
  • by recoiledsnake (879048) on Monday December 16, 2013 @11:56PM (#45711117)

    Why? People paid good money for working supported product. Just because Microsoft wants to bait and switch doesn't make it right. I hope some deep pockets corporation sues the bejesus out of them to force this issue.

    I don't see a bait and switch. People knew (or could find out if they wanted) the EOL dates before they purchased it with their "good money", and MS has been extending them for many, many years even though they didn't have to. That sounds exactly like the opposite of a bait and switch.

    Want to check the EOL for Windows 8 before purchasing? Here it is []

  • Re:No Sympathy (Score:5, Interesting)

    by viperidaenz (2515578) on Tuesday December 17, 2013 @02:47AM (#45711661)

    No, but you can bet there are people sitting on exploits waiting for the security updates to stop.
    Once that happens, their exploits will never be fixed and they've got free rein.
