You see, in one of the last Automatic Updates one specific patch, classified as "High Priority Security Update" failed to install. I tried to manually download the patch and apply and it again failed to install.
Looking at the logs, what do I see?
2.547: 2006/05/10 11:56:51.859 (local)
2.547: \43f998869285ff556064\update\update.exe (version 188.8.131.52)
2.547: Hotfix started with following command line:
2.594: Microsoft Windows is Not Present
2.594: Condition Check for Line 1 of PreRequisite returned FALSE
2.594: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
2.594: KB908981 Setup encountered an error: Setup cannot continue because one or more prerequisites required to install KB908981 failed. For More details check the Log File
2.609: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
Oh, yes. A pre-requisite to install this patch is to have Windows Server running. It looks like the patch doesn't think I have a Windows Server running, right?
Next I tried to apply for e-mail support. Easy, go to Microsoft Support, and start entering the details for e-mail support. When it asked if this is the server where the problem is happening, I click yes and it can not identify the Product ID. No problem, I can manually enter it, but wait there's more:
The Microsoft PSS site tells me that my Product ID, which I copied from the System Properties is not that of a Windows Server 2003 Standard Edition, but of a Windows Server 2003 R2 Standard Edition.
So I am stuck and can't use the on-line support.
Next I try calling Microsoft PSS, and after answering a few questions I am set back with the following:
- We have to charge you $350 for this call.
- But this is a high priority security update that failed to install!
- Yes, but Windows Server is a business software and there's no free support for it.
No wonder there are insecure servers connected to the Internet and being used around the world. Microsoft fails to deliver the patches and then try charging for a fix!
UPDATE: As you may see in the comments I was contacted by someone in the Windows Server team through this blog entry. I also received an e-mail from other team member. I got a confirmation that PSS should not have indicated this would be a charged support service since this is a security patch, regardless of being home or commercial use. Currently I have someone from Microsoft looking at this problem but since it is already Satudary here in New Zealand I will not expect a status update until Monday at least.
UPDATE: The Microsoft rep had visited my server, confirmed it is a Windows Server 2003 Standard Edition and confirmed the patch fails to install. He's looking into the patch configuration now.
1. Run REGEDIT
2. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server
3. Created a new String Value of "Microsoft Windows" and set the
Data Value as 184.108.40.20638
Other related posts:
Windows 8 Consumer Preview
Windows 7 and Windows 2008 R2 Service Pack 1 on Technet, MSDN now
Register for .Net Code Camp Wellington now
Comment by Jama, on 12-May-2006 11:44
Did you pay the $350? And was that NZ or US dollars?
Comment by jonniegunz68, on 12-May-2006 14:31
I am no Lawyer but, maybe you should speak with one based upon the fact that an implied free service, patches and security updates, are not working for you and they wish to charge a fee to make it so.
Comment by Jeremy King, on 12-May-2006 15:25
Comment by Ward Ralston, on 12-May-2006 16:03
This is a drag - drop me a mail and Ill take care of this for you - firstname.lastname@example.org
Comment by Quinn, on 12-May-2006 16:09
You should be running Linux! ...kidding
Ask M$ and I'm sure they will tell you that the support is free if it's their bug.
Comment by juha, on 12-May-2006 16:42
Maybe you are running Linux without realising it?
Comment by whetu, on 12-May-2006 17:12
And even then, the $350 does not guarantee you a fix, it's a "meh, we'll throw it on the pile and look at it when the planets next align" fee. For a guaranteed fix you're looking at 4 digits, if my memory serves right - it's in the 1 to 5k range depending on who you are/what the fault is/urgency etc
Comment by merland, on 13-May-2006 01:02
You should feel lucky, I've seen security updates kill IIS past the point of no return.
You shouldn't run Windows for a server.
Comment by Cypress, on 13-May-2006 01:30
You should REALLY give Linux a try. Don't pay for software. I'm managing a Linux server and updates are downloading freely in the background every day... free of charge :)
Comment by wow!, on 13-May-2006 01:41
It appears from the logo below your profile that you are a Microsoft Most Valued Professional. It's good to see that they take care of their loyal followers so well. I think I'll get certified too and start buying their products, then I can start getting the shaft like this again because I'm really starting to miss the "Windows Experience". Not.
Comment by xistanz, on 13-May-2006 01:45
I guess that explains why Bill Gates is so rich?
Comment by ZT3000, on 13-May-2006 02:13
So which version ARE you running?
Release 1 (R1) with a Release 2 (R2)install code or R2 with an R2 install code or R1 with an R1 install code which Microsoft mistakenly identifies as R2?
Depending on that answer, the failed update may or may not be intended for you, regardless it shows up on MS update.
If it was me after what you've already found out, I'd take the stress out of the situation and simply not worry so much about it. Instead, try the MS update site later which allows Microsoft to either: Remove the erroneous update or correct their identification mechanism.
Either way, you are not stuck and I would not try the manual install until you are certain this update is for you.
Comment by ServerGuy, on 13-May-2006 02:33
Maybe you really should be running Linux. Many people use it every day to perform the same tasks that Windows servers do. You can download the entire OS and many excellent server packages and applications for free, with free security updates and excellent support forums. Just go to http://www.linuxiso.org/ and download the version of your choice. If you are unfamilliar with Linux you may want to try downloading the Knoppix distribution, as it boots directly off of the burned CD image so that you can try it out without disturbing the contents of your had disk. Knoppix even allows you to fix a number of problems on a broken windows server without the need to reinstall windows!
I've been running Linux on my servers since 1995, and have had a great deal of success with it. It's also much better than depending on the "kindness" of one commercial entity when you need real help.
Comment by sean lynch, on 13-May-2006 02:50
If you are comfortable with Windows server 2003, I suggest you continue to use it. I would suggest using a simple Linux based firewall like IPCop to run behind. This way you will be able to protect your network for free, and continue to use the commercial software that you like.
I'm sure that someone more familiar with the BSD family of OS's could suggest a good BSD based firewall as well.
Either BSD or Linux based firewall would allow you to keep your Windows server running, while protecting your systems and not costing you any more than finding an old pentium class computer to run the firewall on.
Good luck. I hope Microsoft solves the bug that is preventing you from installing their critical security patch.
Comment by DevOne, on 13-May-2006 04:12
You should be running BSD! :D
Comment by Sebastián Benítez, on 13-May-2006 05:53
Well, there you have it. You may like Windows, but Windows is not Microsoft and Microsoft is not Windows. And not all people inside Microsoft work the same way or are willing to help without you paying for that. One thing is the product and other the company that publishes it.
You may be happy with Windows way. Are you happy with Microsoft's way?
Comment by Chris, on 13-May-2006 07:09
Obviously you're running OS/2 without realising it!
Comment by helios, on 13-May-2006 12:43
For me, it came down to a matter of pride.
I've used MS desktops and servers for years. I have been rewarded with service/situations that parallel yours closely, DRM and Trusted Computing Modules hindering my choices and an ever-decaying Nasdaq position. Not to mention that I was giving my thousands of dollars a year to a convicted criminal.
I would not tolerate this kind of treatment in ANY face to face situation. Why would I pay dearly to tolerate if from someone I NEED to trust for my businesses survival on a daily basis?
Linux may be populated with Zealots and Religious/FOSS Fanatics, but at least I can turn the key in the locks of my offices at night and not have to worry about the stability of my IT structure.
It comes down to a matter of pride.
Comment by spauldingsmails, on 13-May-2006 17:44
hmm. Puts a new spin on the Total Cost of Ownership debate. Hope it works out because that's just not right charging NZD350.
Comment by Leon Brooks, on 13-May-2006 22:52
You know, I have customers which have run significant (e.g. PHP-backed and PostgreSQL-backed) Apache on Linux webservers for OVER TWELVE YEARS, not suffered a security break and not suffered any hint of failure in attempting (and succeeding with) simple updates at this level.
How many billions of dollars are the Apache Foundation worth? How about Linus Torvalds or LKI? Perhaps there is a moral in there...?
Comment by whetu, on 14-May-2006 09:54
>>I'm sure that someone more familiar with the BSD family of OS's could suggest a good BSD based firewall as well.
m0n0wall or pfsense come to mind.
>>Linux may be populated with Zealots and Religious/FOSS Fanatics
Which is exactly what drove me to BSD. It's nice to be in an open source community that doesnt constantly spout on about how "Billy Hitler Gates" rapes puppies and then there's the grand conspiracies where "M$" (oh so clever humour) are secretly the illuminati with a brilliant three step business model:
1) Collect the world's first born sons
With BSD, the focus is on good code, not politics. In my experience anyway... that's not to say that Linux based OSes are bad, far from it, just the Linux communities are unfortunately ravaged by idiots :(
Comment by Jason Gurtz, on 15-Jun-2006 08:07
I have this exact problem with KB908981
So much for the /ER and /verbose flags. Doesn't change the detail level of the log by one lousy bit. :((
Let's see... ...grepping in the inf's
try again... Success!
What's the magic you ask?
Try this (but don't hold me responsible plz!)
---- Cut Below Here ----
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\5.0\Setup Packages]
---- End Cut above here ----
Add a comment
Please note: comments that are inappropriate or promotional in nature will be deleted.
E-mail addresses are not displayed, but you must enter a valid e-mail address to confirm your comments.