Wednesday, December 17, 2003

Details on XP SP2 Emerge

Microsoft have started releasing details on what XP Service Pack 2 will look like. All 73 pages worth!

Most of this document describes details of what has previously been disclosed. The details are nevertheless interesting reading!!

Saturday, December 13, 2003

Making the AU client run a little more often

I've been doing a few presentations on Patch Management (see for the slides and pointers) and got asked an interesting question relating to the speed by which an Automatic Update client can request updates from a Software Update Services (SUS) server.

The client is hard coded to go to a server every 22 hours (less a random amount of up to 20%). Thus in 'steady state' each clinet will ask for updates every 17.6 to 22 hours. But what if you want to push out an update a bit faster how can you do it? Turns out there are 2 ways - neither of them very pretty. GPO Workaround

1. Assign a temporary GPO to the appropriate part of the Organizational Unit structure and use security filtering to ensure it applies to the appropriate computers.� Note that this temporary SUS GPO should be of a higher priority then the SUS GPO which is normally in use.�

2. The policy settings within this GPO should be configured to disable the AU client and change the default Group Policy refresh interval for computers to 5 minutes.

3. Force DC replication to occur so that all domain controllers have a copy of the new group policy object.

4. Wait up to 120 minutes for all clients within the OU to refresh Group Policy (default GPO refresh time for domain members is 120 minutes).

5. Amend the policy settings within the new GPO policy so that the automatic updates client is enabled and set to automatic download and automatic installation. Automatic installation should be set to occur 1 hour from the current time.

6. Force DC replication to occur so that all domain controllers have a copy of the changed group policy object.

7. Wait for all the SUS clients to refresh the updated SUS GPO settings (which is now happening 5 minutes).� Once the GPO takes effect, the automatic update clients should begin to download the new update from the SUS server. Installation will begin once the specified time is reached.

8. Once the update has been successfully installed on all target computers, delete the temporary GPO used to make all these changes. Servers will fall back to the existing AU download and installation options once they refresh their Group Policy settings.

----------- Net Stop/Start method

1. From the cmd.exe prompt: net stop "Automatic Updates"

2. Delete HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\LastWaitTimeout (if it exists)

3. Delete HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\DetectionStartTime (if it exists)

4. Make sure that HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\AUState=0x2

5. Net Start "Automatic Updates" Ordered to Change Name in Europe

PC World reports that - has been ordered to Change Name in Europe. The US case is still ongoing, but judges in both Finland and Sweden have given Microsoft an early Christmas gift.

Wednesday, December 10, 2003

Another Internet Explorer Vulnerability

The latest Internet Explorer URL Spoofing Vulnerability, reported by Secunia. This is nasty - as it allows IE to show an arbitrary FQDN in the address bar, which is different from the actual location of the page. Thus, you might see "" in the address bar, yet IE is actually trying to render "www.badsite.XXX".

While most folks reading this will not be likely to get hit by such tricks, the average user may well be. Let's get the patch for this, and get it applied quickly!

Monday, December 01, 2003

The Annotated XML Specification

I've been trying to learn more about, inter alia, XML and XML Web Services. I came across an interesting web page - The Annotated XML Specification, which is what it says, an annotated XML spec. The annotations have been written by Tim Bray (who was a co-editor of the Spec).

Many fine hours of reading ahead!