Microsoft Stealth Update and Windows XP repair don't mix
Remember that Stealth Update I talked about a couple of weeks ago? The one that Microsoft sent down the pipes to XP and Vista users and installed it irrespective of whether the user had given consent for updates to be installed? Remember too how the apologists claimed that there was nothing wrong with how Microsoft had behaved 
Full image gallery available here
Information uncovered by Scott Dunn of WindowSecrets.com indicated that a bug in this update prevented users from being able to download and install patches on XP systems that have been repaired:
However, after running the repair option from an XP CD-ROM, Automatic Updates defaults to "on," and the new 7.0.600.381 executables are automatically downloaded and installed. These new executables fail to register themselves with the operating system, preventing Windows Update from working as intended. This, in turn, prevents Microsoft's 80 latest updates from being installed.
Testing
I was lucky enough to get early access to this information, and regular readers by now must know that over at the PC Doc HQ we don't take anything for granted - so we set up a few systems to see if we could replicate this issue.
We approached this issue in much the same way that we approached the initial claims of a stealth update - with a healthy level or skepticism. Because of this we set up several test rigs (with varying hardware configurations) onto which we installed Windows XP. We then bought the OSes up to date with regard to patches and then booted up the systems off the Windows XP CD and carried out a system repair.
After carrying out the repair we rebooted the systems and tried to update the OSes so that they was up once again to date with patches. In all cases we were shocked to find that we couldn't update the systems. Windows Update informed us that it needed to update itself,
In case you're wondering, we also waited to see if Windows Update would fix itself if left to run in the background automatically based on a schedule. We waited, and waited, and waited, but nothing happened. Without a doubt, Windows Update is totally broken.
What to do if you are affected -->
A fix or two
The issue, as Dunn correctly concludes, is down to the update that Microsoft released upon Windows users stealthily back in late August. On a repaired XP installation this update (identified as version 7.0.6000.381) is not registering itself properly and as a result isn't working properly. This could mean that systems that have been repaired are left unprotected because they are running at a patch deficit.
Dunn offered two different fixes for this issue. We tested both and concluded that both will work - so if you're suffering from this problem you’ve got a choice, with the batch file solution being simplest.
Manually register the unregistered DLL files
The first method we tried for fixing the problem was to manually register the following seven DLL files:
- wuapi.dll
- wuaueng1.dll
- wuaueng.dll
- wucltui.dll
- wups.dll
- wups2.dll
- wuweb.dll
There are several ways to do this but the simplest was to create a batch file to automate the process as much as possible. The file is a simple text file containing the following commands:
regsvr32 /s wuapi.dll
regsvr32 /s wuaueng1.dll
regsvr32 /s wuaueng.dll
regsvr32 /s wucltui.dll
regsvr32 /s wups.dll
regsvr32 /s wups2.dll
regsvr32 /s wuweb.dll
Running the batch file registers the named DLL files. After registering the DLL files we tried the Windows Update process again and discovered that it worked fine this time, downloading and installing the 80 updates.
If you're interested in the batch file to register the DLL files but don’t want to create your own, you can download that from here.
Force an install of an older version of Windows Update files
Another fix is to download an earlier version of the Windows Update files and force a reload of these over the top of the later, buggier versions. You can download Windows Update Agent 3.0 from here (scroll down to Step 2 to find the update).
But fixing this issue isn't as straightforward as installing the update. Because you're trying to install old files over newer ones, you have to force the update. To do this you have to run the update from the command line or Command Prompt and use the /wuforce switch.
Again, running this update allows the Windows Update process to download and install updates properly.
Conclusion
This issue highlights why it is vitally important that Microsoft doesn't release undocumented updates on the sly. Even the best tested update can have unpleasant side-effects, but if patches are documented properly and released in such a way that users (especially IT professionals) know they exist, it offers a necessary starting point for troubleshooting.
Microsoft needs to urgently address this issue and come up with a better policy for updating all Windows components. This should also be the last update that is sent to users stealthily and the last undocumented patch. Clarity and honestly is of vital importance and Microsoft needs to learn some lessons from this episode. When users state a preference for not wanting any updates installed on their systems without first OKing them, there's a reason for that - so that testing can be done and care taken to make sure that future problems are avoided, or at least mitigated.
Thoughts?
<< Home >>