Microsoft still trying to fix SVCHOST bug in Windows XP

Over a month ago, we reported that many users defiant or unable to upgrade from Windows XP were experiencing a bug in SVCHOST that causes the CPU of a PC to go up to 100 percent usage. We contacted Microsoft for comment but they did not send back a response.

Although Microsoft is trying to come up with a solution before the company officially cuts off support for Windows XP in less than five months, this much we do know. InfoWorld reports that the problem was supposed to be fixed with this month's "Patch Tuesday" releases. However, it appears that patch was ineffective against the SVCHOST bug.

According to a statement from Windows Update team member Doug Neal:

The problem is caused by the Windows Update client evaluating an exceptionally long supersedence chain - something IE6 and IE7 have more than any other version of IE due to their time in market. Each 'link' in the chain doubles the CPU resources needed to evaluate it over the previous version. The chain is so long that the design stymies the WUA client.

Since this month's patch update didn't solve the issue, it sounds like it's back to the drawing board for this problem. However, Neal indicated they will provide a patch that will finally fix this bug "as soon as possible to halt the impact."

Source: Infoworld

Report a problem with article
Previous Story

Google and Microsoft team up to fight child pornography

Next Story

Microsoft's Spanish president denies they want to rename Real Madrid's stadium

56 Comments

Commenting is disabled on this article.

Just had this issue with a couple of XP clients I haven't logged onto for a couple of weeks. Nothing to do with BITS, purely svchost/windows update running wild taking up 100% CPU and getting nowhere.

I tried all the Fixits and latest IE8 cumulative patches (specifically KB2879017) with no success. I did fix it (repeatedly) by reinstalling IE8 from scratch. Something like:-

1. d/l IE8
2. install it (attempt #1); kill 100% svchost if it runs again
3. reboot when requested; continue IE8 installation; kill 100% svchost if it runs again

4. reboot and background windows update should run straight away and install catchup patches (between 5 and 25 updates on my clients).
5. finally try Windows Update manually and will say "fully patched" with svchost nice and quiet.

Just not fix it, and tell people to upgrade. This system has to die. Legacy apps are not the issue of MS.

Had a customer call me today about a Avast issue, where an upgrade caused the internet not to work. After uninstalling Avast and getting the internet working, I was trying to establish a support connection and the XP machine was DRAGGING ****ING ASS!! It took FOREVER to get connected. Guess what the issue was? Yep SVCHOST was raping the CPU at 100% I installed the latest cumulative IE update, reboot and the issue was gone. Then the computer was actually very zippy.

I alternate (and much better) fix is to upgrade to Windows 7. Buy it while it's still available if you haven't already done so.

68k said,
I alternate (and much better) fix is to upgrade to Windows 7. Buy it while it's still available if you haven't already done so.

Or better yet, Windows 8.1 - which runs better on older hardware than Windows 7.

Anecdotal note: Last week, we threw Win 8.1 on a P4 (desktop CPU) notebook from Clevo (D900T), and not only did benchmarks jump by 25% over XP, and 15% over Win7, but the thermal management of the CPU was literally staggering. It is able to run with passive cooling 98% of the time, which is impressive as it was NEVER able to run fanless on XP, Win7, or even the RTM of Win8.

Your asking why people are hanging on to an old OS that's 13 years old? Don't forget they were selling it pre-installed on netbooks up until a few years ago. Are you going to ask someone who bought a netbook 2 years ago why they are still hanging on to XP? You really think paying $100 to upgrade windows on that thing is going to work? Should you just say, "Well, you bought it at a bad time and only get a few years of use out of it." Microsoft should support it much longer then a few years after the last OEMs were sold.

jefflang09 said,
Your asking why people are hanging on to an old OS that's 13 years old? Don't forget they were selling it pre-installed on netbooks up until a few years ago. Are you going to ask someone who bought a netbook 2 years ago why they are still hanging on to XP? You really think paying $100 to upgrade windows on that thing is going to work? Should you just say, "Well, you bought it at a bad time and only get a few years of use out of it." Microsoft should support it much longer then a few years after the last OEMs were sold.

It wasn't offered to OEMS for netbooks after Windows 7 released. So that is 2009 at the latest.

Even the netbooks that it was sold on in the 2005-2009 era, they can upgrade to Windows 8.1, as it runs on the netbook hardware FASTER with longer battery life than XP does, yes even with 1GB of RAM and the first generation Atom processors.

Side Note..
To run Windows 8 properly on older netbooks with 1024x600, flip the display settings to 1024x768 or 1152x864 - Search for: DownScalingSupported

The factory I work at has several massive machines for cutting and bending metal.
Guess what operating system they run and no, they aren't upgradable.

Microsoft has to fix this as some of these machines will still be around for years in many many factories, updates or not.

pacmania1982 said,
This bug also affects Windows Server 2003 - found that out today on one of my servers at work.

and which update caused that?

Been having massive issues with updating fresh XP installs for customers. Still have a large % of people around here who will use XP until either the OS or the machine literally blows up. ROFL

Unfortunately some device manufacturers with closed source drivers won't provide driver updates for certain devices.

Have it on several Windows XP computers here at work, in fact, I think it had killed a couple of the machines or rendered them useless.

Last Tuesday's patches refused to install on one of my XP machines because some update to WGA refused to install. I can't pinpoint exactly what fixed it as it was purely through trial and error. In any case, I manually downloaded the EXE from the associated KB article, ran it, then saw SVCHOST.EXE pin the CPU at 100% for a very long time (an hour maybe?). But it did finish on its own.

After that, the rest of the updates installed correctly without much of any delay.

Not sure if any of this is going to be

I am sure this is something Microsoft doesn't want to fix as this affects new installations and they don't want any of those

warwagon said,
Except for the fact you won't get important security updates.

Because you can't turn it on when you want to run it and then turn it back off.

Users report this problem on Neowin forums weeks ago if not months. They are still trying and act as if the problem is the whole OS itself. They don't even test patches correctly anymore , releasing everything trough Windows Update.

My mess with the comments , sorry. I'll kill my wife soon with some special flower petals or something. Or just buy myself an Xbox One over her ideea of PS4 and its done.

Decebalvs Rex said,
My mess with the comments , sorry. I'll kill my wife soon with some special flower petals or something. Or just buy myself an Xbox One over her ideea of PS4 and its done.

Riveting tale, chap.

This ancient , postfeudal monolithic OS still requires attention as its not dead yet. They must support and patch it till the end , don't screw it up Microsoft, nostalgia people and cavemen need it FLASHY and speedy after you kill it. They must know it will work till 2020 , otherwise youre in trouble.

Decebalvs Rex said,
This ancient , postfeudal monolithic OS still requires attention as its not dead yet. They must support and patch it till the end , don't screw it up Microsoft, nostalgia people and cavemen need it FLASHY and speedy after you kill it. They must know it will work till 2020 , otherwise youre in trouble.
you sound very young

Decebalvs Rex said,
This ancient , postfeudal monolithic OS still requires attention as its not dead yet.

The last Windows kernel to be really monolithic was the 9X series, although a majority of non-Windows kernels in use today still are. NT and above are hybrids.

What does feudalism have to do with it? Don't recall any computers being around in that era.

That said.. why not? It's still got support, so why not fix a bug with it?

Am I not right ? It looks like Microsoft forgot this OS , they need to support it till the deadline. The rest of my comment ? I forgot to add /s.

Decebalvs Rex said,
This ancient , postfeudal monolithic OS still requires attention as its not dead yet. They must support and patch it till the end , don't screw it up Microsoft, nostalgia people and cavemen need it FLASHY and speedy after you kill it. They must know it will work till 2020 , otherwise youre in trouble.
Why would they not fix a problem with an OS that is still currently supported?

Rudy said,
Why would they not fix a problem with an OS that is still currently supported?

For now, yes.
But... if they're trying to fix this bug that could cause another regression later, after the product support period ended..., that's not good, my friend... not a good way to end something, especially this kind of thing...

Probably because they have a policy of only providing security updates once the "mainstream" product support phase is over, which was back in 2009 for XP. If it's a problem that exists that isn't security-related, Microsoft has stated they aren't likely to provide a fix unless you're a big customer with a very expensive support agreement. Then, they'll listen to your bugfix request, and decide whether or not to fix that bug just like they would if it was still in mainstream support.

At some point, users will either have to deal with XP's bugs as they exist at this point, or upgrade/migrate to a newer or different platform. XP's dead, and Microsoft receives no revenue from it at this point. It's time to give XP a proper burial (at least from a support perspective, which costs money to do) and tell the recalcitrant to pay up for more support (by purchasing something that's still in mainstream support) or stop asking for free help.

I don't use XP any more so I cannot speculate, but from the description here it would seem that the bug is related to IE6 and IE7 - so would installing IE8 fix it?

Kushan said,
I don't use XP any more so I cannot speculate, but from the description here it would seem that the bug is related to IE6 and IE7 - so would installing IE8 fix it?

Yes but only until the next month when a new cumulative IE update is released. Then you have to reinstall IE8 with updates turned on or install the latest cumulative patch manually.

No it has to do with the multiple versions of IE that XP supports if I am reading it correctly, the verification chain still exists for IE6 even if you are using IE8.

Steven P. said,
No it has to do with the multiple versions of IE that XP supports if I am reading it correctly, the verification chain still exists for IE6 even if you are using IE8.

This is correct. In the forums, my studies showed that the bug occurred regardless of what IE version you had.

I managed to fix it on every PC, it worked 100% of the time.

I upgraded to a modern OS (come on, someone had to make a comment like this).

Started having this issue on a computer we use for production (tracking orders, builds, etc). Applied all updates and it seems to be working better, however still a bit worrisome.

Why do people keep calling this the SVCHOST bug???? Technically there is no bug with SVCHOST. It is a bug in a service that SVCHOST hosts. In this case Windows update.

I think the more important question is, why are people still using XP in a production environment when it is going to be dropped next year?

I can understand that but there are going to be no security updates when it is dropped and surely this would leave it in a potentially dangerous situation if it is attacked? If I was a customer I would hate to know my details are being left on an unsecured OS. If you are making a profit perhaps it is time to upgrade your hardware?