I had a client pc that was not updating with Windows Updates in our WSUS server. Looking through the logs I was receiving the error "FATAL: WUAutoUpdateAtShutdown failed, hr=80240FFF". On looking through the services, the automatic updates service was missing. Running regsvr32 wuaueng.dll added the service back in but I was unable to start the service with the message "Error 1083: The executable program that this service is configured to run does not implement the service""
I also found that I was unable to start the BITS service. Googling on that came up with the Helpsvc fix application that fixes errors with the help and support service. Downloading and running this application, although seemingly unrelated to my problem fixed both BITS and Windows Updates on the machine. Thanks to the newsgroup posting by Greg Kirkpatrick
Recently in Patches Category
MS06-049 has issues with Windows 2000 and compressed files which could lead to compression. Make sure you read this discussion and the original patch article.
We've had two occurances of Terminal Services and Sql server not responding after the servers had been rebooted after the patches had been applied.
Terminal Services had the service running and using mstsc to the server would result in a message saying the server was not accepting connections. Telnetting to port 3389 would come back with a connection but nothing in the telnet prompt. A reboot of the server cured this problem.
As far as SQL server was concerned, the SQL service had not restarted after the reboot - not sure why as I didn't have time to troubleshoot - I just needed to get the service running, which happened as soon as I launched Enterprise manager and attempted to connect to the server.
Anyone else had similar experiences?
I've had several computers fail to install the MS06-020 patch for Flash - which seems to be caused by having more than one version of flash loaded on the pc in the past. The main solution at KB913433 is to go to the Macromedia site and download the new player directly
How to fix ie freezing when you use the drop down box and the answer (at least official) isn't to use firefox. This is due to a known issue with HP hardware and the MS06-015 / KB908531 patch.
On a related note I was wondering what readers policys on implementing patches are. We tend to wait a week or so to see if there are known issues (like above) but if everyone waited a week to see if there were no issues then this policy isn't very practical. Also testing the patches on machines isn't often very practical either - with a vast array of software on users desktops - most of which I would not use, just how do you test the effect of patches? Even getting hold of a spare box in most companies is unlikely as they are all in use. I've also found that the details in the patch documentation is getting sparser so it is also difficult to tell just what the patch does or what it affects.
And as to firefox - I'm not that impressed with the autoupdate facility for 1.5.0.2 - now most of my extensions don't work and on my home computer they seem to have been ALL wiped out - not sure if that is because it's loaded a new profile or not. I'll look at that later, but having all the extensions disappear is very annoying. The other strange thing is that I wasn't aware of there being any major patches or bugs in firefox - they've kept them pretty quiet unlike the latest MS patches - is there a mozilla security zine like the MS security posts that I should be subscribed to?
Microsoft released 2 more patches yesterday - the day after I manage to schedule a lot of reboots for my customers for the wmf patch. Thankfully it looks like the machines may not need rebooting judging on my xp desktop experience. Hopefully the same will hold true for the server.
I had one customer box not reboot overnight because the boot.ini had been mysteriously changed to boot to a (non-existent) windows 2000 installation. Fortunately the customer mentioned (when I rang them early this morning) that the problem of not finding ntkernel.exe is solved by selecting the other option in the boot sequence....I'm glad they told me this but it would have been better if they had mentioned the problem before so I wouldn't have had to get up early this morning in case I needed to make an emergency stop at their site.....so instead I'm catching up on some blogging.
I must be the only person in the world who wasn't pleased that Microsoft released the wmf patch early on Thursday last week. Everyone else seems to be so grateful that this happened but it was a nightmare for me. Thursday night I was doing a software audit on a lan and I left it scanning the machines overnight. I came in the next morning expecting to sit down and start analyzing only to find that the machine had downloaded the new patch and automatically rebooted - loosing all the scanning results so I had to start again - not so happy. Before you tell me that you can set automatic updates to not do the reboot - I know - this was on a machine outside of my control AND Microsoft had also previously announced that the patch would not be ready until Tuesday.
I'm suprised that Microsoft have released the patch for the wmf flaw last night. They had previously announced that it was going to be made available on Tuesday. Still I guess that installing it today means that a lot of pc's will be protected before the script kiddies get to work this weekend. Unfortunately it does require a reboot (or at least it did on my xp machine)
kb article 909444 has how to fix the issues that may arise when you install Microsoft Security Bulletin MS05-051: Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400). Although I've not had any of these issues - yet - this will be good reference for me.
Microsoft are getting round to stopping a client connecting to a network if they are not up to date on patches/av software etc according to Exchange Security. When implemented and hopefully they'll release it for w2k machines later, clients can connect to a different subnet where they can then quickly download av or windows update patches to the machine before they are allowed full access to the network. This will make updating machines a lot quicker whilst protecting the lan (and hopefully force those stinking users to keep their machines up to date rather than ignoring the windows update patches). The faq gives a good rundown on whats needed.
Microsoft have finally released a patch to ie to prevent the phishing attack according to netcraft (and others I guess). Hopefully this won't muck up the browsers too much - I'll be checking out the fallout for this patch on Monday.
According to several places and Neil's World - The fightback, Miranda has been patched to work with Yahoo again but my Miranda hasn't worked for several days now, and the latest patches i downloaded this afternoon after receiving notification that a supposed patch was available has made a little difference - I now get unknown error -1...really helpful :-)
With Microsoft's latest round of patches available this morning (typically on a day that I'm not in the office!) it was interesting to note that there were some NT4 patches on there - you remember NT4 - the OS that microsoft was going to stop supporting on various dates sometime last year. The other weird thing is that my XP box at home downloaded more than 4 patches today - even though there were only 4 patches released.
Hmmm - Microsoft have broken their rule of monthly patch updates this morning with two new critical updates. One for XP Media Center edition (unlikely to be in a business and whose knowledge base article doesn't exist yet.) and another for SQL Server 2000 desktop engine on Windows Server 2003
A useful utility that can be used in conjunction with Microsoft Systems Update Server. If you have a pc that needs installing (or patching) but isn't normally on the lan, then this utility forces the client to update against a named sus server, apply the patches and then on reboot sets it back to use Microsoft's servers. Excellent for patching friends pc's or remote worker pc's who are not normally on the lan and are WAY out of date.
