Re: The Windows Update DDoS attack

["Dennis Henderson" <hendomatic () gmail com>]

On 5/28/07, rms () computerbytesman com <rms () computerbytesman com> wrote:
>  This Windows Update problem showed up my computer about a month ago.  A
> few minutes after a reboot, I saw a svchost process suddenly start consuming
> almost 100% of the CPU.  I couldn't do anything on the system for about 20
> minutes.  CTRL-ALT-DEL didn't even work.  Extremely annoying.
>
>
>
> Did anyone else run into this problem?  I'm curious how common the problem
> was.
>
>
>
> Richard
Yes I has this same issue on a dual core AMD box. I ended pulling the
windows update service out of the svchost  and rehosting it under its own
svchost. It would go 100% CPU and leak tons of memory(at one point I saw it
over 400 meg). I cound just then kill that one svchost and restart it
without crashing the whole box. The rest of my machines are Intel and they
didnt seem to have the issue to the same degree.

It drove me nuts for about 2 weeks as I thought the box might have been
pnwed..  Once the patch was rolled, things have been much better.


Dennis

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.