Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

Rogue Update

microsoft.public.windowsupdate






Speedup My PC
Reply
  #1 (permalink)  
Old 04-06-2009
JBrixey
 

Posts: n/a
Rogue Update
When recently approving a series of updates on my WSUS 3.0 server, I had an
additional update get approved to one of my update groups.

I had a series of Windows XP security updates that were approved for
deployment to my update testing group. When I returned to work after the
weekly maintenance cycle, I noticed that Windows Internet Explorer 7 had
gotten approved for installation without getting an explicit approval. This
caused the update to be deployed to over 600 computers. While not a terrible
incident to occur, I would rather it not happen again.

Anyone have some idea of how/why an update might get an approval without
being specifically approved?


Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 04-06-2009
PA Bear [MS MVP]
 

Posts: n/a
Re: Rogue Update
[[ Right pew, wrong church. Forwarded to WSUS newsgroup
(microsoft.public.windows.server.update_services) via crosspost as a
convenience to OP.

On the web:
http://www.microsoft.com/communities... date_services

In your newsreader:
news://msnews.microsoft.com/microsof...pdate_services
]]

JBrixey wrote:
> When recently approving a series of updates on my WSUS 3.0 server, I had
> an
> additional update get approved to one of my update groups.
>
> I had a series of Windows XP security updates that were approved for
> deployment to my update testing group. When I returned to work after the
> weekly maintenance cycle, I noticed that Windows Internet Explorer 7 had
> gotten approved for installation without getting an explicit approval.
> This
> caused the update to be deployed to over 600 computers. While not a
> terrible
> incident to occur, I would rather it not happen again.
>
> Anyone have some idea of how/why an update might get an approval without
> being specifically approved?


Reply With Quote
  #3 (permalink)  
Old 04-07-2009
Lawrence Garvin [MVP]
 

Posts: n/a
Re: Rogue Update
> JBrixey wrote:

> I had a series of Windows XP security updates that were approved for
> deployment to my update testing group. When I returned to work after the
> weekly maintenance cycle, I noticed that Windows Internet Explorer 7 had
> gotten approved for installation without getting an explicit approval.


> This caused the update to be deployed to over 600 computers.


Oooops.

> While not a terrible incident to occur, I would rather it not happen
> again.


Hmm.. considering that IE6 is now two revs old, and IE7 has been pretty
stable for a long time, I'm surprised you haven't already upgraded your XP
systems to IE7.

But then... I was surprised when there were still Windows 2000 Pro systems
running IE 5.x product in 2004. :-)


> Anyone have some idea of how/why an update might get an approval without
> being specifically approved?


It can't. Somebody *did* approve it, or else the update was not installed
via WSUS.

The approval history log can be found in %programfiles%\Update
Services\Logfiles\Change.log on the WSUS Server.

The specific vector of installation is logged in each client's
%windir%\WindowsUpdate.log

Review the logs for the forensics.


--
Lawrence Garvin, M.S., MCITP:EA, MCDBA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)

MS WSUS Website: http://www.microsoft.com/wsus
My Websites: http://www.onsitechsolutions.com;
http://wsusinfo.onsitechsolutions.com
My MVP Profile: http://mvp.support.microsoft.com/pro...awrence.Garvin

Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
New Device IDs Rogue APs Paul Security News 0 05-14-2008 17:50
Rogue KMS box Don microsoft.public.windows.vista.general 1 04-28-2008 20:30
Spotted in the Wild: Rogue Microsoft Update Site Paul Security News 0 02-06-2008 16:30
Spotted in the wild: Rogue Microsoft Update site Paul Security News 0 02-06-2008 15:20
Spotted in the wild: Rogue Microsoft Update site Paul Security News 0 02-06-2008 13:40




All times are GMT +1. The time now is 23:48.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120