An unidentified number of Windows users got more than they bargained for with Microsoft’s latest round of Patch Tuesday security fixes when their PCs froze for hours while installing the updates.
On affected systems, one of Windows' system processes, svchost.exe, was consuming up to 99 percent of system resources, according to John C. A. Bambenek, a handler at the SANS Institute Internet Storm Center.
Svchost.exe, which handles processes executed from dynamic link libraries (DLLs), is a key stability and security element. Windows often runs multiple copies of svschost.exe simultaneously.
According to Bambenek, the freeze-up occurred on Windows PCs set to automatically update with Microsoft's monthly set of security patches.
"The problem was more specific to the update service rather than the latest patches themselves," he said. "No one could figure why [the update] worked on some [PCs], not others."
Bambenek added that it impacted only one of his computers.
Bambenek added that users who had already run a previous patch (No. 927891, an update for Windows XP) before the May 8 round of patches experienced no trouble.
"This was a case of Microsoft missing something in the testing process just to get this out," he added. "If they had tested things in several configurations, they would have caught it."
A Microsoft spokesperson confirmed the issue this week.
"Microsoft has confirmed that, under certain conditions, CPU utilization may reach 100 percent after installing updates from Windows Update or Microsoft Update," said the spokesperson. "This issue is not unique to security updates. Updating a computer with non-security updates can result in the same conditions. The problem may occur when Microsoft Office is installed and the Windows Update Agent tries to scan for Windows Installer updates."
Microsoft advised affected users to visit Microsoft support for detailed guidance on how to address this issue.
For more on Patch Tuesday and other IT security issues, visit SC Magazine Blogs.