It should come as a pleasant surprise that you’re unlikely to find any new patches in Windows Update this week.
However, Windows Update is itself getting a silent update. Here are a few tips to avoid hiccups during the process.
Flame malware exposes a new attack vector
As reported in a June 6 special edition of Patch Watch, the Flame malware exposed a new way to attack computers: using a weakness in security certificates. Flame allowed attackers to trick a computer into connecting to a rogue Windows Update server — one not under the control of Microsoft. As a result, Microsoft released a new Windows updating engine that hardens the Windows Update Service, as documented in MS Support article 9490104. It should prevent a malicious hacker from spoofing an update while you’re trying to patch your computer.
I started to see the Windows Update update last weekend. It should be a silent fix (meaning you probably won’t see it in Windows Update) for all Windows workstations, and it’s not likely to cause problems. If you launch Windows Update or Microsoft Update before the patch gets installed, a popup message will warn you to install the Windows Update Agent patch.
To see whether you’ve received the patch, click Start and enter windowsupdate.log into the search box. After you hit Enter, the update log file will open in Notepad. Search for WU client version 7.6.7600.256 using Notepad’s Find function. You should see the listing highlighted in Figure 1.
Some Windows XP systems might be using Windows Update and not Microsoft Update as their patching engine. On those systems, your log file might be windows updates.log (note the space). In either case, you’ll find the logs in the C:\Windows folder. (For more info on the Windows Update log file, see the July 23, 2009, Top Story, “Learn to read the obscure WindowsUpdate.log file.”)
Some rare hiccups for the Windows Update fix