From: Robert Comer 

>The WSUS team has been dealing for some time with a problem they call
>the 'svchost/msi issue.' One of the problems here is that during
>automatic patch updates on a Windows XP machine, CPU usage goes into
>overdrive. "Of course, the computer is virtually unusable" when that
>happens, someone using the name Foxy-Perth wrote on the Windows Update
>support forum.

It's more than just WSUS, I've had 3 PC's have this problem with normal
Windows update, one last month's patch cycle and 2 this month.

--
Bob Comer



On Mon, 14 May 2007 21:48:03 -0400, mike  wrote:

>
>http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1254774
,00.html
>
>===
>The days following a Microsoft security update are typically followed by
>reports of deployment problems, and this month is proving to be no
>exception. Since the software giant's May 8 patch rollout, various blogs
>and discussion boards have been full of reports about everything from
>DNS service failures to Windows Server Update Services (WSUS)
>malfunctions.
>
>At least one IT professional reported that after applying this month's
>patches to a bunch of domain controllers, the DNS service on one of them
>was failing repeatedly.
>
>"I have it set to recover, so it comes back on, but it fails again after
>a few minutes," he said in a patch management email forum hosted by
>Roseville, Minn.-based Shavlik Technologies.
>
>Meanwhile, Susan Bradley, a Microsoft MVP and IT administrator at
>Tamiyasu, Smith, Horn and Braun Accountancy Corp. in Fresno, Calif.,
>wrote in her MS07-027, a cumulative update for Internet Explorer.
>
>She said there are two issues with the patch -- Some Windows 2000
>machines were being offered a 2004 patch, and some Vista machines were
>getting a "navcancl" error message after patching. As a temporary
>solution, she recommended IT administrators start Internet Explorer 7
>using the following commands: start->run iexplore.exe -nohome -extoff;
>then right click on the toolbar area and click the menu bar if it's
>disabled; and then select tools->options->advanced->security->disable
>phishing filter.
>
>Even though the Internet Explorer patch is rated critical, she said IT
>administrators should not hurry it onto their systems at the expense of
>thorough testing.
>
>"Even after you patch it your browser will [still] have security issues
>and if you have other mitigations in place, the rush should not be on to
>be the first to install," she wrote in her blog. She said administrators
>should remember they are "installing changed code on a system that
>Microsoft CANNOT fully test for because they DO NOT have your system,
>your software, your surfing habits, etc."
>
>Administrators are also reporting problems with WSUS following
>Microsoft's Tuesday patch release, which addressed 19 flaws that
>included a zero-day DNS server flaw and flaws in Microsoft Exchange,
>Internet Explorer, Microsoft Excel, Word and Office.
>
>The WSUS team has been dealing for some time with a problem they call
>the 'svchost/msi issue.' One of the problems here is that during
>automatic patch updates on a Windows XP machine, CPU usage goes into
>overdrive. "Of course, the computer is virtually unusable" when that
>happens, someone using the name Foxy-Perth wrote on the Windows Update
>support forum.
>
>The problem persists even though Microsoft has tried to address it will
>a hotfix.
>===
>
> /m

--- BBBS/NT v4.01 Flag-5