N/A - KB927891

Today we are announcing the availability of an update that does not address a security vulnerability, but is a high priority for customers in keeping their systems updated. The update addresses the following issue:

Your system may appear to become unresponsive when Windows Update or Microsoft Update is scanning for updates that use Windows installer, and you may notice that the CPU usage for the svchost process is showing 100%.

When you try to install an update from Windows Update or from Microsoft Update, you experience the following symptoms:

Your system may appear to become unresponsive when Windows Update or Microsoft Update is scanning for updates that use Windows Installer.

You receive an access violation error in svchost.exe. This access violation stops the Server service and the Workstation service.

A memory leak occurs when Windows Update or Microsoft Update is scanning for updates that use Windows Installer.

Windows Update or Microsoft Update scans take a very long time, sometimes hours, to complete.

We encourage Windows customers to review and install this update. This update will be offered automatically through Automatic Updates. For more information about this issue, including download links for the available non-security update, please review Microsoft Knowledge Base Article 927891.

Please note that this update is the first part of a two-part update that is the comprehensive solution to the problem. In June, another update will involve the Windows Update client. The update for the Windows Update client will also be automatically offered through Automatic Updates.

What is the scope of the advisory?
This advisory clarifies the Microsoft Knowledge Base Article and its associated update. The update does not correct a security vulnerability, but is instead an update for the error conditions that are described above. This update affects the software that is listed in the Overview section.

For more information, see Microsoft Knowledge Base Article 927891.

How do I know whether this issue affects me?
You may be affected by this issue if you observe the conditions, listed earlier, on your computer when trying to update by using Microsoft Update, Automatic Updates through the Internet or through Windows Server Update Services, Systems Management Server Inventory Tool for Microsoft Updates, or Windows Update.

Won’t this issue affect the installation of this update?
This update will install correctly even if the computer is already affected by this issue. However, you may be unable to install other updates until you install this update.

This is a security advisory about a non-security update. Isn’t that a contradiction?
Security advisories address security changes that may not require a security bulletin but may still affect customer’s overall security. Security advisories are a way for Microsoft to communicate security-related information to customers about issues that may not be classified as vulnerabilities and may not require a security bulletin, or about issues for which no security bulletin has been released. In this case, we are communicating the availability of an update that affects your ability to perform subsequent updates, including security updates. Therefore, this advisory does not address a specific security vulnerability; rather, it addresses your overall security.