Operating System - Windows XP SP 1 Home Edition

I recieve this message when trying to install security updates: Q811279, Q823980, Q329170 (Just to name a few). I'm sure there are other security updates I have already downloaded (but haven't installed yet) that will give me similar messages.

QFE Installer Error
WEUpdate cannot retrieve information needed for setup from database.
Setup cannot continue.

This is most likely caused by a missing download I need to install certain QFE files, but I have been looking for days with no luck. Can you recommend a fix or point me in the right direction?

Rod wrote:

Hi

Here is the response Lucy [MS] gave another person with the same error:

<quote>
Try the following steps:

Click Start, and then click Run.

In the Open box, type "cmd" (without the quotation marks), and then click
OK.

At the command prompt, type the following commands, pressing ENTER after
each line:

net stop cryptsvc


ren %systemroot%\system32\catroot2 oldcatroot2


net start cryptsvc


Type "exit" (without the quotation marks) to close the command prompt, and
then install update again.


If problem persists please post the last 20 lines of the Windows Update.log
file from c:\windows directory.


Thanks,
Lucy [MS]
</quote>



--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/com...r/default.mspx

I followed the step you said to the letter, but I still recieve the QFE Installer Error. Here are the last 20 lines of my Windows Update.log as you requested

2004-03-01 11:59:33 17:59:33 Success IUENGINE Shutting dow
2004-03-01 12:04:38 18:04:38 Success IUCTL Downloaded iuident.cab from http://www.windowsupdate.com/v4/ to C:\Program Files\WindowsUpdate\V
2004-03-01 12:04:38 18:04:38 Success IUCTL Current iuengine.dll version: 5.4.3790.2
2004-03-01 12:04:38 18:04:38 Success IUCTL Current iuctl.dll version: 5.4.3790.2
2004-03-01 12:04:38 18:04:38 Success IUENGINE Startin
2004-03-01 12:04:39 18:04:39 Success IUENGINE Determining machine configuratio
2004-03-01 12:04:39 18:04:39 Success IUENGINE Determining machine configuratio
2004-03-01 12:04:39 18:04:39 Success IUENGINE Shutting dow
2004-03-01 14:55:29 20:55:29 Success IUCTL Downloaded iuident.cab from http://www.windowsupdate.com/v4/ to C:\Program Files\WindowsUpdate\V
2004-03-01 14:55:29 20:55:29 Success IUCTL Current iuengine.dll version: 5.4.3790.2
2004-03-01 14:55:29 20:55:29 Success IUCTL Current iuctl.dll version: 5.4.3790.2
2004-03-01 14:55:29 20:55:29 Success IUENGINE Startin
2004-03-01 14:55:30 20:55:30 Success IUENGINE Determining machine configuratio
2004-03-01 14:55:30 20:55:30 Success IUENGINE Determining machine configuratio
2004-03-01 14:55:36 20:55:36 Success IUENGINE Shutting dow
2004-03-01 15:30:18 21:30:18 Success IUCTL Shutting dow
2004-03-01 17:52:48 23:52:48 Success IUCTL Startin
2004-03-01 17:52:48 23:52:48 Success IUENGINE Startin
2004-03-01 17:52:48 23:52:48 Success IUENGINE Shutting dow
2004-03-01 17:52:49 23:52:49 Success IUCTL Shutting dow

Here is some additional info that might help. This is the link where I downloaded the file Q329170
http://www.microsoft.com/downloads/d...&displaylang=e
This is the full name of the file. Q329170_XPE_SP2_X86_ENU.ex

Here is some additional info I sent Bob Cerelli to help me clear this up

I have a pretty new computer (just over 3 months old) and I want to have all the files burned onto cds (this includes security updates) in case I decide to reinstall everything from scratch at some point in the future. So rather than install everything in one lump sum (with the rollup package), I decided to download the files my computer recommended (excluding ones I didn't find necessary) individually by going through a list. I went to the Windows Update area ((this is the link I decribed in the last post)) and just downloaded (I had no problems with the downloading process) each update individually until I had them all. I read each one carefully for install order and certain updates that needed to be installed prior to each update. There was never any info reguarding the error I have been recieving while I try to install these updates. It's most likely just specific ones cause I have already installed many updates individually without problems. I can go through installing all of the ones I have that will allow it and then write down all the specific ones I'm having problems with if that'll help

Rod wrote:

Hi

This update has a severity rating of "Low" for Windows XP, I would
just have skipped the update.

As I see it, you take no big risk by not installing it:

From the "Technical details" section at
http://www.microsoft.com/technet/sec...n/MS02-070.asp
("Flaw in SMB Signing Could Enable Group Policy to be Modified (329170)")

<quote>
Mitigating factors:

Exploiting the vulnerability would require the attacker to have
significant network access already. In most cases, the attacker
would need to be located on the same network segment as one of
the two participants in the SMB session.

The attacker would need to exploit the vulnerability separately
for each SMB session he or she wanted to interfere with.

The vulnerability would not enable the attacker to change group
policy on the domain controller, only to change it as it flowed
to the client.

SMB Signing is disabled by default on Windows 2000 and Windows XP
because of the performance penalty it exacts. On networks where
SMB Signing has not been enabled, the vulnerability would pose no
additional risk – because SMB data would already be vulnerable to
modification.

Severity Rating:
Windows 2000: Moderate
Windows XP: Low

The above assessment is based on the types of systems affected by the
vulnerability, their typical deployment patterns, and the effect that
exploiting the vulnerability would have on them. The threat to Windows
XP systems is lower than for Windows 2000 systems because the most
serious potential outcome of exploiting the vulnerability – modifying
group policy as it is disseminated by a domain controller – does not
apply to Windows XP, since it cannot serve in such a function.
</quote>


and from the FAQ section:

<quote>
Who could exploit the vulnerability?

In order to exploit the vulnerability, the attacker would need to already
have a significant degree of access to communications on the network.
He or she would need to be able to monitor and modify the communications
between the two systems in real-time. This would typically require the
attacker to not only have physical access to the network media, but a
favorable location within the network as well.

What do you mean “a favorable location within the network”?

It wouldn't be enough for the attacker to have access to the network media.
He or she would also have to be located along the path taken by the data as
it passed between the client and the server. The vulnerability provides no
way for the attacker to force the communications to take a particular path
so, in most cases, he or she would need to be located on the same network
segment as one of the two communicants.
</quote>


--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/com...r/default.mspx

The update can also generate this error if you already have the latest copy
of SRV.SYS installed.
Compare the version numbers with the ones listed in the KB article:
http://support.microsoft.com/default...b;en-us;329170

You can also try installing the update in Safe Mode.

--
Thanks,
Lucy [MSFT]

This posting is provided "AS IS" with no warranties, and confers no rights.


"Torgeir Bakken (MVP)" <Torgeir.Bakken-spam@hydro.com> wrote in message
news:404669E4.2DE2EFED@hydro.com...
requested.