For several months, XP and Server 2003 users were suffering from an issue that manifested itself as the process of SVChost.exe taking all of the CPU resources. The underlying problem was old old old IE updates that XP still had to scan through when processing windows update. On Patch Tuesday I noticed that 613 updates expired off my WSUS server including many old old IE updates.
I asked Waggener Edstrom Worldwide for a statement on what I saw and received this back as a response:
“On Tuesday, Microsoft
depreciated legacy security updates for Internet
Explorer that had been replaced by more recent
ones. We did this to improve customer experience,
reducing the time Windows Update requires to check
existing updates before installing new ones. This
action was purely to improve update performance
and does not affect customer security.” - Dustin
Childs, group manager, Microsoft Trustworthy
(Statement courtesy of contacting Waggener Edstrom
Worldwide, approval to post this to the
PatchManagement.org listserve for public distribution see http://marc.info/?l=patchmanagement&m=138983558101352&w=2 for original post)
Kudos to Microsoft for expending the engineering energy
in the last remaining days of XP.
Personally I think it increases customer security as way too many people were turning off Windows Update due to the horrific symptoms.
Remember there is only three patching days left for XP. The time to migrate/move off/lock it down so it's not on the web is now.