By Brian Prince
September 27, 2007
Updates quietly deployed by Microsoft in July and August could prevent
Windows XP users from installing up to 80 recent patches.
Microsoft officials say they are investigating reports that files the
company deployed this summer prevent Windows XP users who run a built-in
"repair" function from installing as many as 80 of the company's latest
"We are aware of reports about customers not being able to download some
updates from Windows Update when using the latest version of the Windows
Update client and after reinstalling Windows XP system files from CD," a
Microsoft spokesperson said Sept. 27. "We take this issue very seriously
and are investigating the root cause of this behavior and what options
are available to address it."
The issue was brought to light by Scott Dunn, a writer and associate
editor with Windows Secrets Newsletter. According to Dunn, the problem
is stealthy updates deployed by Microsoft in July and August. The files
prevent Windows XP users who utilize the repair function from installing
In the newsletter, Dunn explained that after a user employs the repair
option from an XP CD-ROM, Windows Update downloads and installs the new
7.0.600.381 executable files. Some of the Windows Update executables are
not registered with the operating system, which in turn prevents Windows
Update from working as intended.
"We have tested and confirmed that the silent updates actually prevent a
repaired copy of Windows XP from loading the latest patches," Dunn said
later in a statement. "We initially thought Microsoft's stealth update,
though unwise, was harmless. But that is not the case, because it
cripples the updating process on XP after the repair option is used."
The repair function takes Windows back to its original state if a
computer is unable to boot up.
According to Dunn, a few users of the repair option relayed their
problems to Windows Secrets after the newsletter on Sept. 13 revealed
"silent installs" by Microsoft.
Microsoft, based in Redmond, Wash., urged customers that are
experiencing this issue to contact customer service.
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques. Register now for savings on conference fees
and/or free exhibits admission. - www.csiannual.com