How Microsoft made my sister's laptop freeze then fixed it

Microsoft for just under two years has had this free "service" called Patch Tuesday where every second Tuesday of the month they make updates available via Microsoft/Windows update and automatically through a program called, you'll never guess, automatic updates! Prior to Patch Tuesday, Microsoft's would release patches and updates at any time they saw fit - which was not so considerate for their customers, but when your roiling in dough and don't have customers complaining too much then your fine. Back on track, depending on your configuration of automatic updates it can either be set to: download all the "critical updates" and automatically install them; or download them and an annoying but loving prompt will guide the user through the updates and then install them, and let's not forget to reboot; or disable automatic updates completely and manually download and install the updates. All these options, except the last, make the astronomical assumption that once you install the updates your computer will run, at least, about the same as it always before you installed the update. Microsoft is famous for being quite the contrarian on this point. Mind you, other companies have this problem also.

Now understand that I am not saying automatic updates is a bad program, I am just saying that you need to be aware of what your installing and that Microsoft is not immune from this good advice. The case in point involves update KB916089 (the "KB" stands for Knowledge Base) which was released on Nov. 14, 2006. I don't know if my sister's laptop was experiencing symptoms before just about two weeks ago, but she told my Dad that her computer was taking a long time to load anything. We feared that this was the same overheating problem she had experienced in late January early February which resulted in her laptop getting a new motherboard.

However, as I looked at the programs running in the background (called processes) I noticed that one of the instances of a process called svchost.exe was going crazy a using between 98-100% of the CPU time. By the way, you can see this information one of two ways - either press and hold down Ctrl + Alt + Delete to bring up the Windows Task Manager then click on the "Processes" tab, or download and run an even more useful program by Mark Russinovish called Process Explorer. I knew this process was indeed legitimate, but I also knew it wasn't supposed to take up so much attention from the CPU. Therefore, I hit the "End Process" button and proceeded to surf the web.

Within two minutes svchost.exe would start back up and I would end the process again. I knew something was wrong so I looked on the net and there were pages that would basically suggest that my sister had a virus and here's how you fix it, but that did not solve my particular problem, so I called Dell. The technician explained the proceeding about the Microsoft update gone awry and had me boot into safe mode then download and apply KB927891. The problem was both caused and fixed by Microsoft.

If you read the Security Advisory for KB927891 and read the "More Information" for KB916089 what you find out is that a scan that Automatic Updates performs was going bonkers. I hope this will save someone a lot of trouble if they are experiencing the conditions I describe.