Feeds

Windows Update groans under patch load

Download stampede

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Windows Update struggled to cope with the load created by the release of four security patches on Tuesday night, prompting Microsoft to deploy extra servers to cope with demand.

The four patches, three of which are critical, are designed to address 20 security vulnerabilities affecting a wide range of Microsoft software. Their release created a stampede of users to Windows Update, resulting in slow response times yesterday. Home users trying to download 3.1MB of Win XP updates over dial-up connections were right out of luck, as some readers told us.

By today the sluggish performance problem had largely been resolved. Microsoft US said the number of requests to Windows Update on Tuesday was double the usual volume. In a statement issued to Netcraft, Microsoft US said: "The slowdowns didn't last very long. We've added some system resources to support Windows Update, and are not seeing much trouble anymore."

Microsoft UK played down the issue. A spokeswoman described this week's download demand from Windows Update as nothing out of the ordinary for a monthly "patch Tuesday".

Among the vulnerabilities addressed in patches released this week is a fix for an SSL flaw that left Windows 2000 and NT4 SSL sites open to remote compromise.

Mike Prettejohn, a director at Netcraft, said scanning activity for SSL vulnerabilities across the Net increased last Friday in advance of the release of Microsoft's April patch batch. This hostile behaviour underlines the need to make patches available as quickly as possible, he added. ®

Related stories

MS score card: four patches, 20 vulns, heaps of trouble
MS March patch batch low on peril
Windows Update still standing despite Blaster

Internet Security Threat Report 2014

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.