I got called to look at an IIS Server first thing this morning. Websites were simply saying "Service Unavailable". Looking at the System log, I could see that IIS's Rapid-fail protection was kicking in i.e. five Source W3SVC Event ID 1009 warnings followed by one Source W3SVC Event ID 1002 error. Unsurprisingly, disabling Rapid-fail protection had no positive effect. The logs revealed that a number of patches were automatically installed at 3am, including 973917 which "implements Extended Protection for Authentication in Internet Information Services (IIS)". At the time of writing, 973917 is still at revision 1.0 with no reported known issues. However, I found this blog post on MSDN which points to this KB article (Internet Information Services 6.0 may not function correctly after installing KB973917) which describes the issue.
Moral of the story? In an ideal world, test before patching. In a less than ideal world, be sure you have a known good backup before you patch. And if you have to patch and be damned, I wish you the best of luck.
B
PS Test first or patch asap? Each to their own.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment