All things SMS, System Center Configuration Manager, Active Directory, Group Policy, Virtualization, Security, Gadgets, Technology, and the Daily Thoughts of an SMS Engineer named Anthony Clendenen.

The Daily Ramblings of an SMS Engineer

More on eEye, Rod, ITMU, and WSUScan.cab

August 27, 2006

A long time ago I learned some very important rules of email, which also apply to blogging.  Never, ever, ever, think that anything you write will not be read by your manager, director, head of HR, CIO, President, CEO, Board, wife, friends, customers, future customers, future hiring manager (Hello again!), children, those who don’t care for you, peers, NSA - you get the idea.  Also never assume that what you write or say will be perceived as you think it should, or repeated in context.  And finally never make claims that you are not 100% sure about and can prove.  There are others but these are the pertinent ones to this article.

I also know how hard it can be to bite your tounge when the (public) attack is directed at you and/or your company and that sometimes people are just having a bad day and you catch them at the wrong time.

Let me clear, eEye has some VERY talented people and they do some very good work, they even released a free scanner for 040 just a few weeks ago.  And they do somewhat compete with SMS and Microsoft so maybe that has something to do with their comments.

Below is a message that sheds light on the delay of the re-release of 042, a fix for the ITMU 100% CPU usage and why the WSUSScan.cab was really trimmed down.  This should close the door on this issue.

This is Mike speaking during the POE at MMS 2006 and that is me seated to his left.  Nice write up Mike.

Mike Shultz speaking and me sitting to his left

From: admin@lists.myITforum.com [mailto:admin@lists.myITforum.com] On Behalf
Of Michael Schultz (MCS)
Sent: Friday, August 25, 2006 8:21 PM
To: mssms@lists.myitforum.com
Subject: [mssms] ITMU Issue - 2nd Update



Greetings,



Another update for the ITMU issue. I'll bullet again to be brief:

. The true issue with the 06-042 update being delayed is that
there's a max amount of files that can be placed inside a single CAB file.
(Not an SMS issue) They needed to pull some files from the CAB to reduce
the number below the max. This CAB file is used in our offline scanning
tools (ITMU, MBSA, etc). Online scans are not affected because they store
their information in relational manner rather than requiring a file format
for storage.

. I won't get into it about the EWeek article, as I'm not a
Microsoft spokesperson. The author was inaccurate and used biased quotes
from eEye to support some statements.but if you read the article in the
right lighting and squint enough, there's a glimmer of truth. SMS isn't
flawed, the SMS architecture isn't flawed, and we didn't hold up the patch
because we have a problem with our proprietary distribution engine.but the
point can be argued on either side if you want to get into semantics.

. Regardless, it's policy that we release patches for all
distribution mechanisms at the same time, and because our offline CAB file
needed trimmed, the patch was delayed for two days. While the CAB file was
being trimmed by removing patches that are superseded and unsupported
products, this made the CAB file smaller, which is always a plus.

. The ITMU issue, being investigated at the same time, had been
focusing on patch supersession in the CAB file. The Windows Update agent,
as a whole (not an SMS issue), was having an "algorithmic problem with
supersedence relationship between the 15 copies of the Malicious Software
Removal Tool". The dev team asked for these to be removed from the
WSUSSCAN.CAB file to see if this helped, but they were informed this had
already been done to assist with the 06-042 release.

. Because of the removal of a number of these older patches from the
CAB file, the dev team has seen a significant reduction in the scan times,
and their repro images (where the system would "hang" during the scan)
appear to have their issues resolved. While the team is still working on
ways to reduce the duration of the scan time and the number of scans, "for
most customers, the system unresponsiveness should be gone".

. The best part about this is that the WSUSSCAN.CAB file already
released to include the new 06-042 update should take care of the ITMU
issue. http://go.microsoft.com/fwlink/?LinkId=40751. If folks still
running the ITMU could offer feedback about this, I'd appreciate it.

. Remember.I'm not writing this as an official Microsoft
spokesperson.no warranties or assurances are written or implied.I'm just
looking to help out the community.



Michael S. Schultz

Senior Consultant - MCS East - Mgmt & Ops

Microsoft Corporation

e: michael.schultz@microsoft.com <mailto:michael.schultz@microsoft.com>

c: 860-235-7875

Sent via Office 2007 (v4407) & Windows Vista (v5536.16384)




================================================
Did you know you can also post and find answers on SMS in the forums?
http://www.myitforum.com/forums/default.asp?catApp=0


Original source:

Rod and eEye Square Off
Interesting read if you missed it on patchmanagement.

The Daily Ramblings of an SMS Engineer.

The Daily Ramblings of an SMS Engineer Listen to this article
Filed under: , , , ,

Comments

  • No Comments

Recent Posts

News


Send me an email

View Anthony Clendenen's profile on LinkedIn


I Recommend These Books !

Ron Crumbaker's Book
SMS 2003 Administrator's Reference: Systems Management Server 2003

Andy Dominey's MOM Book
MOM 2005 Field Guide

Greg Ramsey and Warren Byle's Book
SMS 2003 Recipes: A Problem-Solution Approach

Rod Trent's Book
Microsoft SMS Installer (Book/CD-ROM package)

Pro SMS 2003

Professional MOM 2005, SMS 2003, and WSUS

Start to Finish Guide to Distributing Software With Systems Management Server 2003

Microsoft Systems Management Server 2003 Administrator's Companion

Support your community. Donate to myITforum

Add to Technorati Favorites MSN Alerts

Subscribe in NewsGator Online
Google Reader or Homepage
Add to My Yahoo!
Subscribe with Bloglines

Add to My AOL
Add to Technorati Favorites!

Add to Plusmo
Add to flurry
Subscribe in Bloglines
Subscribe in FeedLounge
 Subscribe in a reader
Uniquie Visitors
web statistics
All information is provided "as-is" no warranty is expressed or implied. The information, comments, images, and opinions expressed here are not those of my current or former employers and neither I nor they can be held liable for any content here. Some rights reserved.


Locations of visitors to this page

SMS

Scripting

Other

System Center Configuration Manager 2007

Great Blogs

Copyright - www.myITforum.com, Inc. - 2007 All Rights reserved.
Valid CSS & XHTML
Skin adapted from Arcsin by Kyle Beyer