Case Study:Use Caution When Deploying Microsoft's Software Update Service

Recently, my company acquired the responsibility of providing infrastructure and technical support to a small, non-profit organization. Shortly after acquiring this responsibility, I experienced a ‘major’ problem. Several end users had reported application errors after applying the latest Internet Explorer 5.5 update found on the Windows Update website (http://windowsupdate.microsoft.com). After a lengthy investigation, it was discovered that the update had modified a Windows system file, (gdi.exe) causing a protection fault whenever a user attempted to print from the company’s financial software application (Solomon v2.6). In effect, the update acted like a virus, disabling the company’s most important application.

Tags:

Read the complete paper at SANS