When is a Microsoft Windows patch not a patch at all?
When you can’t even find out that it exists.
We all know that Microsoft releases Windows patches practically every
week. What you probably don’t know is the inside story of a patch
Microsoft completed months ago but hadn’t released any information about
How A Bug Steals Your Resources
I revealed in my March 1, 2004 Executive Tech column that a flaw in
Windows 2000 Server and Windows Server 2003 is costing corporations a
boatload of time and money. Here’s the problem in a nutshell:
sets that help IT administrators govern large numbers of users and
computers in an enterprise. Unfortunately, GPOs in Windows 2000 and 2003
have the very bad habit of wiping out the ”archive bit” on all files
and folders within the organizational unit (OU) of the affected servers.
these files makes it impossible for corporations to perform small,
”differential” backups of the files that have recently changed.
Instead, these companies’ backup routines must copy a much larger number
of files, since the archive bit no longer indicates which ones need
administrative time that’s consumed by this problem varies by company.
But it’s a significant chunk of change, according to those who’ve
diagnosed the problem.
A Patch Is Born
Gary Busby is Active Directory Services Engineer for a beverage company
in Atlanta, Ga. He says he reported the problem to Microsoft last year
and urged them to fix it.
”It took them almost six months to even get us an initial patch in the
first place in February or March ,” Busby says. ”And then it
took a while to get the final QFE [Quick Fix Engineering patch] in
The patch is dated April 9, 2004, and replaces Windows’ buggy Scesrv.dll
file, Busby explains. The fixed files he’s been able to obtain from
Microsoft are called version 5.0.2195.6923 for Windows 2000 Server and
version 5.2.3790.160 for Windows 2003 Server, he says.
If you haven’t heard about this problem — or the fix that’s been
available for the last few months — it’s because Microsoft took its
sweet time before it posted a bulletin about the situation. It wasn’t
until July 2 that the Redmond software giant released a description
called Knowledge Base Article 833281.
Using the patch can save corporations a bundle.
”We have over 1,000 servers worldwide,” Busby says. ”We had a solid
25 percent to 30 percent reduction in the size of our differential
backups when doing our backups [after installing the fix].”
Free Hotfix For Those In The Know
I confirmed Busby’s story by calling Microsoft’s Support Customer Care
number last week. Since my name is well-known within Microsoft circles,
I asked my research director, Vickie Stevens, to pose as a Windows 2000
information systems manager during the call. She requested the hotfix
known as ”833281”, saying she’d read an article about this and had
heard from a friend that this was the number of the patch she needed.
A Microsoft support worker named Paul said at first that he couldn’t
find a Knowledge Base article bearing that number. (That was true at the
time, because the article hadn’t yet been publicly posted at Microsoft’s
site.) When he was asked to search the company’s records for ”833281”
and ”Windows 2000”, however, he quickly found an internal document
that described the update.
The staffer e-mailed us a link that allowed us to download a
password-protected hotfix file. Once we decompressed the file, we found
that it contained two related executables whose names begin with
”WINDOWS2000-KB833281”. These files were digitally signed by Microsoft
with a date stamp of April 9, 2004.
The above example illustrates the fact that even well-documented bugs
sometimes go unannounced for months before Microsoft will publicly
release the needed patch or bulletin. But, fortunately, the company
charges nothing for the 833281 hotfix if you know that you need to ask
Microsoft Support Customer Care can be called at 1-800-936-3500 in the
United States and Canada. For numbers in other countries, visit
Microsoft’s International Support page. Select your country, then click
the links entitled ”Contact Microsoft” and ”Phone Numbers”. You also
might want to cross your fingers for good luck.
Brian Livingston is the editor of Brian’s Buzz on Windows and the
co-author of ”Windows ME Secrets” and nine other books. Send story
ideas to him via his contact page.