For several months, XP and Server 2003 users were suffering from an issue that manifested itself as the process of SVChost.exe taking all of the CPU resources. The underlying problem was old old old IE updates that XP still had to scan through when processing windows update. On Patch Tuesday I noticed that 613 updates expired off my WSUS server including many old old IE updates.
I asked Waggener Edstrom Worldwide for a statement on what I saw and received this back as a response:
“On Tuesday, Microsoft depreciated legacy security updates for Internet Explorer that had been replaced by more recent ones. We did this to improve customer experience, reducing the time Windows Update requires to check existing updates before installing new ones. This action was purely to improve update performance and does not affect customer security.” – Dustin Childs, group manager, Microsoft Trustworthy Computing
(Statement courtesy of contacting Waggener Edstrom Worldwide, approval to post this to the PatchManagement.org listserve for public distribution see http://marc.info/?l=patchmanagement&m=138983558101352&w=2 for original post)
Kudos to Microsoft for expending the engineering energy in the last remaining days of XP.
Personally I think it increases customer security as way too many people were turning off Windows Update due to the horrific symptoms.
Remember there is only three patching days left for XP. The time to migrate/move off/lock it down so it’s not on the web is now.