[Dshield] Several fixes available for critical vulnerabilitiesinMS IE and various flavours of MS Windows

Peter Stendahl-Juvonen peter.stendahl-juvonen at welho.com
Wed Apr 21 13:05:48 GMT 2004


RE: [Dshield] Several fixes available for critical vulnerabilities in MS IE and various flavours of
MS Windows

list-bounces at lists.dshield.org <mailto:list-bounces at lists.dshield.org> wrote on Friday, April 16,
2004 6:03 PM UTC+3 on behalf of 'info TCS'

| Has anyone noticed the problems with the instllation of the Security Update
| for Microsoft Windows 835732? (After installing Security fix KB835732, the
| SYSTEM.exe process uses up 99% of CPU time, and make the system
| non-responsive).
| I read in a post that Microsoft at the moment suggests that "the benefit of
| waiting (for a fix) may not be worth the risk of waiting
| (worms).  This problem isn't happening on every machine - just certain (to
| be determined) machines."
| This kept me up a couple of extra hours last night, so if you haven't
| patched yet: you're warned!
| 
| Henny
| 

Henny et al.


Might this be an alternative explanation to possible problems some Windows users have experienced?


Last week Windows Update clogged up.

MS have admitted the problem and told the problem existed for several hours before situation became
under control.

According to two different media sources, the traffic to the service raised to all time high. At
best, the amount of download data was more than 50 gigabytes per second. The number of visitors per
hour almost doubled.

Several customers were not served properly as the service could not analyze the client systems
correctly in order to determine the correct patches needed. MS resolved the problem by connecting
new, more powerful servers to the net. The company also added a feature that regulates download
speeds in order to balance bandwidth utilization.

The peak load should be no surprise, since the company moved to announce updates once a month and
has several times blazoned how important it is to install the updates ASAP.

(It might not be the bad quality of a given patch but rather the capability to deliver the patch
correctly to the huge numbers of users downloading the patches simultaneously.)


- Pete


          "If at first you don't succeed, try, try again."
            Robert Bruce(1274-1329); King of Scotland.





More information about the list mailing list