funsec mailing list archives
Re: The Windows Update DDoS attack
From: "Dennis Henderson" <hendomatic () gmail com>
Date: Tue, 29 May 2007 08:56:01 -0500
On 5/28/07, rms () computerbytesman com <rms () computerbytesman com> wrote:
This Windows Update problem showed up my computer about a month ago. A few minutes after a reboot, I saw a svchost process suddenly start consuming almost 100% of the CPU. I couldn't do anything on the system for about 20 minutes. CTRL-ALT-DEL didn't even work. Extremely annoying. Did anyone else run into this problem? I'm curious how common the problem was. Richard
Yes I has this same issue on a dual core AMD box. I ended pulling the windows update service out of the svchost and rehosting it under its own svchost. It would go 100% CPU and leak tons of memory(at one point I saw it over 400 meg). I cound just then kill that one svchost and restart it without crashing the whole box. The rest of my machines are Intel and they didnt seem to have the issue to the same degree. It drove me nuts for about 2 weeks as I thought the box might have been pnwed.. Once the patch was rolled, things have been much better. Dennis
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- The Windows Update DDoS attack rms (May 28)
- Re: The Windows Update DDoS attack Dennis Henderson (May 29)
- Re: The Windows Update DDoS attack Alex Shipp (elist) (May 30)
- Re: The Windows Update DDoS attack Jordan Wiens (May 30)
- Re: The Windows Update DDoS attack Dennis Henderson (May 29)