Microsoft KB Archive/932494

= When you use Automatic Updates to scan for updates or to apply updates to applications that use Windows Installer, you experience issues that involve the Svchost.exe process =

Article ID: 932494

Article Last Modified on 10/11/2007

-

APPLIES TO


 * Microsoft Windows Installer 3.1
 * Microsoft Windows XP Professional
 * Microsoft Office XP Professional Edition
 * Microsoft Office XP Standard Edition
 * Microsoft Office XP Personal
 * Windows Defender
 * Microsoft Office Standard Edition 2003
 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)
 * Microsoft Windows Server 2003, Standard x64 Edition
 * Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
 * Microsoft Windows Server 2003, Datacenter x64 Edition
 * Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
 * Microsoft Windows Server 2003, Enterprise Edition
 * Microsoft Windows Server 2003, Enterprise x64 Edition
 * Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
 * Microsoft Windows 2000 Service Pack 4

-



NOTICE
The problem that the &quot;Symptoms&quot; section describes was corrected in Windows Update Agent 3.0 and in update 927891. These updates were distributed through Microsoft Update in June and July, 2007. If you are still experiencing a problem that resembles the one that this article describes, it may be a different problem. To troubleshoot similar problems, please see the &quot;Similar problems and resolutions&quot; section later in this article.



SYMPTOMS
You use Automatic Updates to scan for updates or to apply updates to any applications that use Microsoft Windows Installer 3.1. Then, you experience issues when you use the following update mechanisms:
 * Microsoft Update
 * Windows Server Update Services (WSUS)
 * The Microsoft Baseline Security Analyzer (MBSA) 2.0
 * Microsoft Systems Management Server Inventory Tool for Microsoft Updates (SMS ITMU)

Some applications that use Windows Installer include Microsoft Office 2003, Microsoft Office XP, and Microsoft Windows Defender. These applications experience the following issues:  The Svchost.exe process may spike the CPU usage to 100 percent during update detection or update installation. Also, the Svchost.exe process causes the computer to stop responding for various lengths of time. The Svchost.exe process produces an access violation during update detection or update installation. Additionally, you receive the following error message:

SVCHOST.exe Application Error

The instruction at 0x0745F2780 referenced memory at 0x000000000 the memory could not be read.

 The Svchost.exe process leaks memory during update detection or update installation.



RESOLUTION
Microsoft provides the following updates to resolve these issues:  Update 916089 resolves the three issues that are described in the &quot;Symptoms&quot; section in the following ways:  Sometimes, this update resolves the issue that causes the CPU usage to spike to 100 percent. Typically, this update also resolves the unresponsiveness of the computer. However, continuing issues are known to occur. This update resolves the reported access violations. However, additional access violations occur because the initial access violations stop the Automatic Updates service before the service reaches those locations in the code.</li> This update resolves the memory leak.</li></ul>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

916089 FIX: When you run Windows Update to scan for updates that use Windows Installer, including Office updates, you may experience a memory leak, or you may receive an error message for the Svchost process

</li> Update 927891 resolves newly-discovered crashes that occur in the Svchost.exe process. Because of the access violations that update 916089 does not resolve, update 927891 also resolves the reported access violations that occur in the Svchost.exe process.

Note These secondary access violations were not exposed until after update 916089 was applied. The secondary access violations are not caused by update 916089. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

927891 You receive an access violation error and the system may appear to become unresponsive when you try to install an update from Windows Update or from Microsoft Update

</li></ul>

The WSUS version 3.0 client program has been released to help address the following issues:
 * You may experience prolonged high CPU usage when you scan the computer for updates or when you install updates.
 * The computer stops responding (hangs) when you scan the computer for updates or when you install updates.

To resolve these issues, you must install update 927891 and the new WSUS 3.0 client.

Note Update 927891 includes update 916089.

Note Although this solution should resolve the computer unresponsiveness and reduce the time that you experience high CPU usage, this solution does not completely eliminate high CPU usage. However, after you apply these updates, the computer should run in a typical manner.

Download information
To obtain the WSUS version 3.0 client program, click one of the following links as appropriate for the operating system.

x86-based versions of Windows
Download the WindowsUpdateAgent30-x86.exe package now.

x64-based versions of Windows
Download the WindowsUpdateAgent30-x64.exe package now.

Itanium-based versions of Windows
Download the WindowsUpdateAgent30-ia64.exe package now.

Itanium-based versions of Windows
<div class="status_section">

STATUS
This problem was corrected in Windows Update Agent 3.0 and update 927891.

<div class="moreinformation_section">

MORE INFORMATION
Update 927891 fully replaces update 916089. If you are affected by the issues that are described in the &quot;Symptoms&quot; section, please follow these steps:
 * 1) Apply update 927891.
 * 2) Restart the computer.

If any of the issues remain, please contact Microsoft Customer Support.

Notes
 * The WSUS version 3.0 client program is fully compatible with WSUS 2.0 SP1.
 * The WSUS version 3.0 client program has been made available to the WSUS 2.0 SP1 server infrastructure so that clients can &quot;SelfUpdate&quot; to the newer WSUS 3.0 version. This update to the SelfUpdate tree is located in the Critical Updates classification and is identified as KB936301.

<div class="moreinformation_section">

Similar problems and resolutions
If you are still experiencing a problem that resembles the one that this article describes, it may be a different problem.

For more information about similar problems and resolutions, click the following article numbers to view the articles in the Microsoft Knowledge Base:

939273 You cannot deploy software updates on a computer that is running Microsoft Windows XP or Microsoft Windows Server 2003

932762 The Service Host process may stop unexpectedly in Windows Server 2003

931852 Error messages when you start a Windows XP-based computer and then try to download Windows Updates

910666 The Svchost.exe process may end unexpectedly on a Windows Server 2003-based computer

894538 When Internet Authentication Service receives an unknown attribute in a packet, a Windows Server 2003-based Internet Authentication Service server stops responding

927385 You receive an error message after a Windows XP-based computer runs an automatic update, and you may be unable to run any programs after you close the &quot;svchost.exe - Application Error&quot; error message dialog box

If these articles do not help you resolve the problem or if you experience symptoms that differ from those that this article describes, please search the Microsoft Knowledge Base for more information. To search the Microsoft Knowledge Base, visit the following Microsoft Web site:

http://support.microsoft.com

Then, type the text of the error message that you receive, or type a description of the problem in the Search Support (KB) field.

Additional query words: WSUS, update, Windows Installer, svchost

Keywords: kbinfo kbtshoot kbprb kbwindowsinstaller kbexpertiseinter kbresolve KB932494

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.