Microsoft update brings PCs to a standstill

Something seems to have gone horribly wrong in an untold number of IT departments on Wednesday after Microsoft installed a resource-hogging search application on machines company-wide, even though administrators had configured systems not to use the program.

"The admins at my place were in a flap this morning because Windows Desktop Search 3.01 had suddenly started installing itself on desktops throughout the company," a Reg reader by the name of Rob informs us. "The trouble is that once installed, the indexer kicks in and slows the machines down."

The blogosphere is buzzing with similar reports, as evidenced by postings here, here and here.

"I'm slighly ****ed of [sic] at M$ right now," an admin in charge of 3,000 PCs wrote in a comment to the first aforementioned link. "All the clients have slowed to a crawl, and the file servers are having problems with the load."

A Microsoft spokeswoman said she was looking in to the reports.

According to Reg tipster Rob, Window Server Update Services forced Windows Desktop Services 3.01 on the fleet of machines even though admins had configured their system to install updates only for existing programs and the search program wasn't installed on any machines (well, until then, anyway).

It's been a rough several weeks for managers running Microsoft's auto update services. Last month, bloggers disclosed the existence of a Windows patch that silently and automatically installed itself even on Machines configured not to install updates. Critics cried foul on the principle that users should have absolute control over their machines. They also argued that the stealth update could hamper compliance requirements.

Microsoft said the patch was installed on machines only to make sure Windows Update worked properly in the future. Managers promised to be more transparent in the future.

The revelation that Microsoft is pushing yet more installations not explicitly agreed to by administrators is not likely to sit well with this same vocal contingent. Redmond may want to don the asbestos suits now.

News source: The Register

Report a problem with article
Previous Story

Password-cracking chip causes security concerns

Next Story

Toshiba denies Xbox 360 with built-in HD DVD

72 Comments

Commenting is disabled on this article.

This is well within the EULA, but since nobody bothers to read the ****ing thing, they would not have known that. Instead, blame MS.

Obviously not a credible IT Tech.

THIS IS TRUE, all my machines installed it last night, how many complaints you think i got this morning, and am continuing to get as people boot up with this MS Search ccrap installed, even though i use WSUS and have NEVER approved it to be installed.

I am NOT happy, MS should not be forcing updates, especially ones that are so resource intensive. Now i have to spend half the day removing it from everyones systems.

Kirkburn said,
Rather than getting angry over what you think MS are trying to do, read the previous posts.

i don't think they are doing anything ro trying to do anythign, I KNOW they probablyh stufed up adn forced desktop search, as i am still getting complaints about it. i have read the previous posts and BrandonLive said MS are workign on it, however how is that in any way helpful, the mdamage is done. unless MS comes with an update that removes it in the next few hours, it won't help me at all, but i hope they can work out what went wrong so this sort of thing never happens again

Here is my understanding of what happened. No one on the WDS product team knew about this until this morning (I was the first to know, because of an extremely impolite e-mail sent to my personal e-mail account).

  • It was a screw-up, and everyone involved is deeply sorry about the trouble this has caused
  • It ONLY affects WSUS systems where admins had approved an earlier WDS Update package
  • The previous packages only updated existing WDS installations, and wouldn't install it on new systems
  • It was intentional to offer a package that would install WDS on machines without it
  • It was NOT intentional for the approval of the previous update to be "inherited" by this package. This was a mistake in the publishing of this package to WSUS.
The WSUS blog has a couple of posts on the subject, the most recent of which is here:
http://blogs.technet.com/wsus/archive/2007...-follow-up.aspx

They have suspended deployment of the WDS package via WSUS while they fix the problem, and provided instructions for how admins can most easily disable and remove the WDS software.

Believe me, Microsoft and the WDS team did not intend for this behavior. There was never any secret plan to force WDS onto unsuspecting machines. It was simply an error in the WSUS publishing process, which everyone deeply regrets. As someone who used to work in IT, I feel the pain of these admins. This is also pretty embarassing for our team even though it could have happened to any group at Microsoft, as the WSUS publishing process is completely out of our control. That said, please don't think that anyone here is taking this mistake lightly. Even though our official responses may have appeared slow throughout the day, you can be sure that today was a non-stop fire drill for all involved. Once we identified and understood the problem, it took time to coordinate an official response and go through all the necessary approval processes. Unfortunate as that is, it's the reality of a business this size, and our guys did their best to push through it and get this handled as best as we could after figuring out what happened.

thanks for the explanation, nice to see. i got it off all my machines now so i'm right. i still don't ever remember approving any WDS updates before but hell i may have when i rebuilt the server, there were a lot of updates to approve, but i woudl have expected all the machiens to have had it installed from then if i had previously approved it. wierd.

at least you guys are on top of it, and whoever sent you that email should be shot or at least have sent it to your work email i assume if they have your personal email they know you, in which case go slap them in real life :)

and yeah i believe this wasn't deliberate, i never though it was, it did freak me out when i got abused this morning for approving it. seeing i havent approved any updates for a couple of weeks, hopefully someone ass got kicked over there at MS :)

one question is is this sort of thing likely to happen again?

and on top of that OPtus international link gong out to lunch this morning adn all the route flopping going on casuing the whole australian web to slow to a crawl oh yeah and a mate agrreing to fix someone computer for them having no idea what he's doing and expecting me to do the work for him while i bet he gets all the $$$ :(, been an alround crap day (it will at least be good when i tell him to F^&k off as i finsihed at 5:)) sorry i won't go off topic again

Oh, so I guess the at least two recent occasions where updates were installed without permission, changing user's settings without permission, or the forcing of people's computers to restart don't count (and my computer was one that was forcibly restarted one night a while back).

http://blogs.technet.com/wsus/archive/2007...-revisions.aspx

he original update release, released February 2007 as an optional update, was only applicable on systems which had a version of Windows Desktop Search installed. The recent update Revision 105, had the applicability logic expanded to be applicable to all systems regardless if a prior version of Windows Desktop Search was installed

(Update revisions are automatically approved, as its assumed that if you've approved the first update, you don't have a problem with an update of the update going out)

The question is, what idiot decided that this was a good idea? When a server first sync's you have zillions of updates to approve so you tend to just approve them all, knowing that it only installs them on PC's that has the needed software. It does not mean "oh this PC doesn't have the software that has the bug installed, so we'll install it for them"
Why on earth they modified an existing product update and left it in the "Updates" category if its now a full installer as well is beyond me.

There are other categories they could have used for complete software installs, feature packs or tools that aren't auto approved. Although personally I'm a tad annoyed that they are sneaking in full programs via wsus anyway (I've spotted options for full installs of the Windows live suite on there!, to me it misses the point of being an update server.)

As a good rule, you should only automatically approve updates for Critical and Security Updates

This is what I've had it set to for months, but again I must have approved the feb update when I first installed the server.

For those of you who use WSUS...

As a good rule, you should only automatically approve updates for Critical and Security Updates. If you do, you won't have unwanted programs and updates installed on your 100's or 1000's of computers. WDS is in the category Updates. I am sure glade I keep that categories approval NOT set at automatic. :P

So any ideas how to remove this thing with WSUS or GPO/Domain stuff from about 100 computers?

Just found this on another site.

1. Used a GPO to disable and stop the "Wsearch" (aka Windows Search) service on our managed machines. This stopped the "bleeding"

2. Since stopping the service just stops the client from indexing (doesn't remove the WDS GUI from machine), we plan on sending out the following command to machines (with SMS) early next week. This will completely uninstall WDS 3.0.1 silently :

%windir%\$NtUninstallKB917013$\spuninst\spuninst.exe /q /norestart

I'm glad the IT department in my company decided not to use WSUS but rather they push updates via another solution of softwares ;-)

Happened on my standalone home PC too. Searchindexer.exe consumes insane amount of RAM and virtual memory, results in massive I/O slowdowns on my XP box. Worst thing is today itself, I decided to update the out-of-date search index on my comp.

This couldn't happen on a home PC. The only people affected by this are IT departments using WSUS who had approved a WDS "update" last february (which apparently is no longer functioning as an "update" but as a full install, probably due to an error).

SearchIndexer.exe should never be consuming that much memory. At most, 60-70MB for normal configurations. If you are experiencing more than that and it is actually impacting system performance, you are likely hitting a compatibility problem (old version of eTrust, old version of Adobe Reader, etc). Since the indexer on XP totally stops when you move the mouse or press a key (and won't resume until you're idle for a while) you should never notice a performance intrusion.

The first time SearchIndexer.exe runs after any reboot, etc., it performs maintenance on the database file. If you have hundreds of thousands of files, like most people, it can EASILY consume 500mb of RAM during this phase. Once it is done, it will cache it out again, but I have to disable SearchIndexer every time I want to play any games, because it pages to the drives, doing go into a full idle/pause, etc. The program is REMARKABLY stupid when it comes to being something that is so at the core of Vista.

I mean, honestly, not to automatically go into FULL PAUSE when a fullscreen application (or really any application starts taking more than 25% CPU) is just absurdly bad software engineering/design. Little desktop widgets and wallpaper programs can do this, for crying out loud...

Our people are on this. The Desktop Search team was completely unaware of this happening until this morning.

From the sound of it, there may be a problem with WSUS. Our people are following up on it as quickly as they can.

Thanks for the update, Brandon, but it's kind of a moot point, as far as I can see. The update KB917013 doesn't support uninstall from via WSUS.

I tried MS search but found it to be a resource hog and it would reindex the entire hard drive once a few changes were made to the hard drive. I found google desktop search to be much better.

Brandon Live said,
That's completely untrue. WDS only indexes files that change, when they change. It's resource footprint is considerably less than GDS.

All I know is that thing ran constantly and not just for the initial index building. GDS would run the initial indexing and then quietly update and things were added. The MS Search ran all of the time I ended up killing it most of the time just so I could work. As my friend's dad said: "There is not a piece of hardware that Gates cannot slow down with his software."

frbubba said,

All I know is that thing ran constantly and not just for the initial index building. GDS would run the initial indexing and then quietly update and things were added. The MS Search ran all of the time I ended up killing it most of the time just so I could work. As my friend's dad said: "There is not a piece of hardware that Gates cannot slow down with his software."

Technically your friend's dad (really yourself most likely trying to hide your sarcasm rather poorly) is correct about any software from any vendor.

The fastest hardware is the hardware with the least running on it.


Also if your hard drive ran constantly it could be a few things.

A: Indexing caused your HD to discover physical faults and it was auto-recovering data to non-affected sectors.
B: You constantly are installing/uninstalling and/or moving around data all the time and it's defragging your hard drive.
C: You have a really old machine that couldn't handle any modern software.

The last one is fairly likely if a simple desktop search program made your machine almost unusable.

Or...


D) Windows Desktop Index Search has a failure, corrupting the original database. Instead of being able to repair it gracefully, I've seen it have to rebuild itself from scratch. For those of us with hundreds of thousands of files, this is VERY annoying. I've seen this happen on more than one system under XP, but not under Vista yet.

Quote - iCarry said
This whole article is BECAUSE Microsoft pushed out an "updated" release of WDS 3.01, and since BY DEFAULT WSUS automatically approves revisions, this was pushed out automagically.

It does look like the installer is bugged, rather than upgrading existing installs, it's installing on all PCs.

Let me get things straight

WSUS approves ONLY updates to software you have already approved, it will NOT automatically approve just about any update

The installer isn't bugged either, since none of the 3 WSUS Servers I run on our corporate WAN has validated WDS for installation, nor did it install itself anywhere for that matter since I expressely forbid it in the settings

NO that is plain not true, well it is supposed to be true, but in this case i never approved it, yet it somehow showed up as approved

Yes whole POINT of the article is that WSUS BYPASSED this flag and FORCED itself to install...ahem.

Between this, the whole Automagic Windows Updating itself issues (mentioned above, not really a big deal IMHO), and the worldwide WGA authentication server failure (which is a HUGE deal IHMO), a lot of people are getting to say...

I TOLD YOU SO!

just checked my WSUS and it hasnt pushed this...could be because I havnt authorised the original desktop search cack

we have no need for desktop search users save to network shares and know where specific files are! if they dont and save locally and lose files/data through either hardware failure or end user stupidty guess what tough pooh pooh ;)

for once im glad i have to manually approve updates :P (I wait for a week before releasing any major update, first testing it ion my own system in my office before letting it loose on the domain)

@Croq Id rather do without either of these items...maybe its me but why is there a need for such tools in a domain?? thats what a well organised and trained staff are for to save relevant files in relevant folders/shares no?

Google search after uninstallation leaves obscenely sized index files if you dont specifically say to remove them 1gb files + are commonplace. Its on eof the first things removed from dell systems when they come in that and google toolbar!

I thought so. I knew i told wsus to not installl it. IT stinks because it slows down the startup of my slower pcs . that up untill now were having no problems.

majortom1981 said,
IT stinks because it slows down the startup of my slower pcs . that up untill now were having no problems.


Well, they were -- and still are having problems -- because they are slow...you said it yourself! :P

What admins are letting MS install whatever they want. I would think anyone would half a brain would use WSUS or another custom patching software like Patcklink.

This whole article is BECAUSE Microsoft pushed out an "updated" release of WDS 3.01, and since BY DEFAULT WSUS automatically approves revisions, this was pushed out automagically.

It does look like the installer is bugged, rather than upgrading existing installs, it's installing on all PCs.

We noticed this: for what I could tell it was released as an revision update to the previous version. WSUS automatically approves those by default, even if you've got every other type of update set to manual approval. Its a separate tab (Advanced) in the Automatic Approvals dialog, so its basically a hidden setting unless you're looking for it. It looks like the installer is bugged and it installs even if there wasn't a previous version on the machine.

Let this be a lesson: no automatic approvals.

it has nothign to do with automatic approval, as i said i don't have auto approval set in WSUSand it got installed on all my machines

I saw this damn thing on my Microsoft Update yesterday, and immediately hid it from showing up again. Last thing I need is some Vista bloat creeping into my XP.

It is useless to those that can't run it without it interfering with their other daily habits. It interfered with my Web browsing, not to mention that it kept reverting to the indexing defaults instead of keeping my indexing settings. After about 3 weeks (it reset itself after 1 week every time), I found that last bit rather annoying. If the application doesn't do what it is supposed to in the first place, I see no reason to keep it. By the way, that was on XP, and after seeing what Vista Home Premium did to my dad's just-bought laptop, I don't dare install even Vista Home Basic on mine. It is "Windows Vista™ Capable" (read "able to run Vista Home Basic only"), but I have enough troubles and don't need to deal with a slow OS when I need to get things done. I only had trouble with Fedora 6 once when I ran it, and that was my own stupid fault (third-party software repository is not always of the best quality...)

MS just can't seem to do anything right anymore... Great for new users, but once those new users get ****ed off, things'll turn a different direction. I'm no gamer, but for the sake of those who adore the Xbox platforms, I hope nothing gets screwed up there.

MioTheGreat said,
Yeah, who wants a fast index providing a powerful interface to instantly finding your data? It's useless bloat!

He who does not lose his data in the first place, and knows where to look for it.

rpgfan said,
By the way, that was on XP, and after seeing what Vista Home Premium did to my dad's just-bought laptop, I don't dare install even Vista Home Basic on mine.

And the laptop also likely came with McAfee, Google Desktop Search, WildTangent, and who knows what else crapware.

ataris_kid said,

He who does not lose his data in the first place, and knows where to look for it.

So back to filing cabinets, then? This is just an even quicker way to access your data. I can type something into Vista's start menu search and find it a lot faster than most people can go into Documents, and find the folder they saved it in, the subfolder inside that one, and open the document.

MioTheGreat said,
So back to filing cabinets, then? This is just an even quicker way to access your data. I can type something into Vista's start menu search and find it a lot faster than most people can go into Documents, and find the folder they saved it in, the subfolder inside that one, and open the document.
Don't be ridiculous with the paper and filing cabinets argument.

Good organization is a must. Having a search utility is no excuse to going back to a flat file system with no subdirectories and structure. In other words, just throwing files 'wherever' without care and expecting search to be the primary file finder is a bad idea.

MioTheGreat said,
Yeah, who wants a fast index providing a powerful interface to instantly finding your data? It's useless bloat!

from the testing my company has done internally, itis actually rather unreliable, to the point we removed support for it from our software

Fortunately we're using a whitelist-based filter here. It's a pain when we want to kill time online, but at least anything from Windows Update is not allowed through. We (I) download and burn patches to CD, and write batch scripts to install them the long way. Bothersome but it makes sure anything getting on our PCs goes through my department first.

We would be EXCEEDINGLY cheesed off if this happened to us. This is becoming a real problem. Microsoft is forgetting that regardless of licensing agreements, it does NOT own other people's computers and it does NOT have the right to install whatever it thinks they should have. That this is happening at about the same time as Microsoft C&D'd AutoPatcher seems not entirely coincidental.

I hate to do it, because security patches are so important, but I'm very near to advising family, friends, and associates to turn off automatic updates on their PCs and do everything manually again, at least until Microsoft shapes up.

*sigh* I'm very happy to be a *nix user right now.

CelticWhisper said,
...
Microsoft is forgetting that regardless of licensing agreements, it does NOT own other people's computers and it does NOT have the right to install whatever it thinks they should have.
...
Re-read your EULA. Microsoft reserves the right to install what they deem necessary, without your permission. I don't think they have used this much (only thing that comes to mind is the update to the updater, which makes sense to me).

markjensen said,
Re-read your EULA. Microsoft reserves the right to install what they deem necessary, without your permission. I don't think they have used this much (only thing that comes to mind is the update to the updater, which makes sense to me).

Yep, most people fail to realize this and the fact that they DON'T OWN WINDOWS. I think the specific language that was in the XP EULA is not in Vista's though. Maybe they cleverly hid it.

@Celtic: why not use WSUS?

raskren said,
@Celtic: why not use WSUS?

Because, it is WSUS that is giving IT Depts. the problem, re-read the article and all the blog posts about it.


mlauzon76 said,

Because, it is WSUS that is giving IT Depts. the problem, re-read the article and all the blog posts about it.


WSUS only does things like this when IT departments have their WSUS Servers set to automatically approve updates as they come in. No IT department in their right minds should be doing it that way, they should be testing updates on a small subset of machines before rolling them out company wide.

mlauzon76 said,

Because, it is WSUS that is giving IT Depts. the problem, re-read the article and all the blog posts about it.

yeah but this is the only time i have seen it happen, so why not use WSUS previously, i never had any probs until this crap

markjensen said,
Re-read your EULA. Microsoft reserves the right to install what they deem necessary, without your permission. I don't think they have used this much (only thing that comes to mind is the update to the updater, which makes sense to me).

Balls to that. My computer, my licence, my money, my time. The updating updater is something that might get allowed but apart from that any clause that enables a third party (and a supplier is a third party when it comes to my stuff) to arbitrarily bugger up my machine is not enforceable thanks to my overriding right to tell them to sod off. Don't like it? Don't care. Try enforcing it. An inequable contract (that is not signed, a click-through cannot be interpreted the same) is illeagl under contract law.

Example: an update (that can be installed without your approval, knowledge, etc., according to the almighty EULA) cripples your internet connectivity because you happen to have a competing product installed. Under the "terms" they can do this with no recourse at any time.

(Hypothetical, I know that doing such a thing would cause a massive backlash. Doesn't alter the fact that they can)

markjensen said,
Re-read your EULA. Microsoft reserves the right to install what they deem necessary, without your permission. I don't think they have used this much (only thing that comes to mind is the update to the updater, which makes sense to me).

On their software. But I have the right to set up a firewall and strand that software from the internet as severely as I choose. Just because Microsoft's software is on my hardware doesn't mean that they then now own my hardware too.

Like I said, we're on a whitelist filter at work and I'm very tempted to do the same at home, at least for Windows systems. My girlfriend has been very curious about Ubuntu since her friend at MIT told her about it; if she makes the switch, then I'll just cut off all Windows systems on my network from the Internet and require Mac OS or Linux for connectivity. Put that in your crack pipe and smoke it, Redmond. I'd like to see your "value-added features" get through my ProSafe box when it's told to drop anything and everything from your IP range bound for your targets on my network.

Same here. Must know I'm not an IT dept.!! :nuts:

Which is good as I didn't want it and wouldn't want it. Immediately set my prefs at the update site to not show me that again.

Kushan said,
Strange it never hit my PC and windows update lists it as an optional software update...what gives?


This story isn't about Windows Update, it's about Windows Server Update Services.

Yeah, this hit PC's at my work yesterday too. The IT manager is NOT impressed and spent this morning going around various PCs uninstalling it again.

What IT department in their right minds has WSUS set to install updates automatically anyway? At our company all updates are tested on a small group of machines before being rolled out company wide.

TCLN Ryster said,
What IT department in their right minds has WSUS set to install updates automatically anyway? At our company all updates are tested on a small group of machines before being rolled out company wide.

YO umissed the point, even if you didn't approve this update it got installed. hell i never approved it on my WSUS, and i have not got it set to install updates automatically, actually as soon as i heard it was in there i went in and disabled it