SP2 being downloaded though blocker in place

We have had the ADM template in place since August blocking the AU of SP2.
SP2 is specifically not approved on our SUS server. Group Policy dictates
that machines use our SUS server (http://sus.company.com) for updates. This
has been working since August. Suddenly, starting yesterday or today, we
have seen a huge jump in our Internet bandwidth and now machines are
automatically downloading SP2 from the Windows Update site(s).

I have checked at least one of the machine. The
HLM/Software/Policies/.../WindowsUpdate registry key is set to 1 (to block
SP2), the domain policy is set on the machine and applied (used GPConsole to
verify). Why are our machines now

a) downloading SP2 from external Windows Update
b) downloading SP2 from AU with the blocker set

Microsoft decided to force the installation of the SP2 because it's a major
improvement of the security in XP ...
That's why it's installing now !



"Ofer B. Ho" <> a écrit dans le message de
news: B4118821-4BBF-4CD2-80B6-...
> We have had the ADM template in place since August blocking the AU of SP2.
> SP2 is specifically not approved on our SUS server. Group Policy dictates
> that machines use our SUS server (http://sus.company.com) for updates.
> This
> has been working since August. Suddenly, starting yesterday or today, we
> have seen a huge jump in our Internet bandwidth and now machines are
> automatically downloading SP2 from the Windows Update site(s).
>
> I have checked at least one of the machine. The
> HLM/Software/Policies/.../WindowsUpdate registry key is set to 1 (to block
> SP2), the domain policy is set on the machine and applied (used GPConsole
> to
> verify). Why are our machines now
>
> a) downloading SP2 from external Windows Update
> b) downloading SP2 from AU with the blocker set

Please post a source for this incorrect information.
The OP may have a problem, but it is not because Microsoft made changes
forcing SP-2.
SP-2 will not be forced by Microsoft on any computer.

--
Jupiter Jones [MVP]
http://www3.telus.net/dandemar/


"JC" <> wrote in message
news:...
> Microsoft decided to force the installation of the SP2 because it's a
> major improvement of the security in XP ...
> That's why it's installing now !
>
>
>
> "Ofer B. Ho" <> a écrit dans le message
> de news: B4118821-4BBF-4CD2-80B6-...
>> We have had the ADM template in place since August blocking the AU of
>> SP2.
>> SP2 is specifically not approved on our SUS server. Group Policy
>> dictates
>> that machines use our SUS server (http://sus.company.com) for updates.
>> This
>> has been working since August. Suddenly, starting yesterday or today, we
>> have seen a huge jump in our Internet bandwidth and now machines are
>> automatically downloading SP2 from the Windows Update site(s).
>>
>> I have checked at least one of the machine. The
>> HLM/Software/Policies/.../WindowsUpdate registry key is set to 1 (to
>> block
>> SP2), the domain policy is set on the machine and applied (used
>> GPConsole to
>> verify). Why are our machines now
>>
>> a) downloading SP2 from external Windows Update
>> b) downloading SP2 from AU with the blocker set

This is not entirely "incorrect information," because he is partly right at
least. Microsoft is indeed going to force SP2 upon its customers if I didn't
misunderstand the last paragraph in the link below..

http://www.microsoft.com/smallbusine...hub.mspx#block





"Jupiter Jones [MVP]" wrote:

> Please post a source for this incorrect information.
> The OP may have a problem, but it is not because Microsoft made changes
> forcing SP-2.
> SP-2 will not be forced by Microsoft on any computer.
>
> --
> Jupiter Jones [MVP]
> http://www3.telus.net/dandemar/
>
>
> "JC" <> wrote in message
> news:...
> > Microsoft decided to force the installation of the SP2 because it's a
> > major improvement of the security in XP ...
> > That's why it's installing now !
> >
> >
> >
> > "Ofer B. Ho" <> a écrit dans le message
> > de news: B4118821-4BBF-4CD2-80B6-...
> >> We have had the ADM template in place since August blocking the AU of
> >> SP2.
> >> SP2 is specifically not approved on our SUS server. Group Policy
> >> dictates
> >> that machines use our SUS server (http://sus.company.com) for updates.
> >> This
> >> has been working since August. Suddenly, starting yesterday or today, we
> >> have seen a huge jump in our Internet bandwidth and now machines are
> >> automatically downloading SP2 from the Windows Update site(s).
> >>
> >> I have checked at least one of the machine. The
> >> HLM/Software/Policies/.../WindowsUpdate registry key is set to 1 (to
> >> block
> >> SP2), the domain policy is set on the machine and applied (used
> >> GPConsole to
> >> verify). Why are our machines now
> >>
> >> a) downloading SP2 from external Windows Update
> >> b) downloading SP2 from AU with the blocker set
>
>
>

You missed this phrase in that paragraph:
"with Automatic Update enabled"

People still have as much control over their computers, nothing has changed.
The only difference is the blocking tool will expire.
That tool prevented automatic download and installation of SP-2 even if
Automatic Update is enabled.

See this link for more information:
http://www3.telus.net/dandemar/forcesp2.htm

--
Jupiter Jones [MVP]
http://www3.telus.net/dandemar/
In memory of our dear friend, MVP Alex Nichol


"dog" <> wrote in message
news:2251A827-7BE4-4046-9FA0-...
> This is not entirely "incorrect information," because he is partly right
> at
> least. Microsoft is indeed going to force SP2 upon its customers if I
> didn't
> misunderstand the last paragraph in the link below..
>
> http://www.microsoft.com/smallbusine...hub.mspx#block
>
>
>
>
>
> "Jupiter Jones [MVP]" wrote:
>
>> Please post a source for this incorrect information.
>> The OP may have a problem, but it is not because Microsoft made changes
>> forcing SP-2.
>> SP-2 will not be forced by Microsoft on any computer.
>>
>> --
>> Jupiter Jones [MVP]
>> http://www3.telus.net/dandemar/
>>
>>
>> "JC" <> wrote in message
>> news:...
>> > Microsoft decided to force the installation of the SP2 because it's a
>> > major improvement of the security in XP ...
>> > That's why it's installing now !

"dog" <> wrote in message
news:2251A827-7BE4-4046-9FA0-...
> This is not entirely "incorrect information," because he is partly right
at
> least. Microsoft is indeed going to force SP2 upon its customers if I
didn't
> misunderstand the last paragraph in the link below..
>
>
http://www.microsoft.com/smallbusine...hub.mspx#block
>

Did you see the part about "Machines with Automatic Updates enabled" ?

Automatic update service can be turned off by the operator. IF Automatic
updates are enabled, the DOWNLOAD of SP2 will be pushed to the machine. You
have to agree to a EULA before SP2 will be installed. Even if SP2 is
downloaded, if you say no to the EULA, it will not be installed. You can
then tell Automatic Updates to ignore the SP2 update, and it will not bother
you again.

There is no forced installation of SP2 mentioned anywhere that I have seen.
I expect, however, that MS will end support of XP SP1a at some point in the
future.

We didn't notice this till today, but it IS coming from WU and it is
installing in spite of our GPO blocking it. MS needs to fess up now.
*.microsoft.com and windows update site are BLOCKED from our campus as of
2:45 pm. Hello?

"gw" wrote:

>
> "dog" <> wrote in message
> news:2251A827-7BE4-4046-9FA0-...
> > This is not entirely "incorrect information," because he is partly right
> at
> > least. Microsoft is indeed going to force SP2 upon its customers if I
> didn't
> > misunderstand the last paragraph in the link below..
> >
> >
> http://www.microsoft.com/smallbusine...hub.mspx#block
> >
>
> Did you see the part about "Machines with Automatic Updates enabled" ?
>
> Automatic update service can be turned off by the operator. IF Automatic
> updates are enabled, the DOWNLOAD of SP2 will be pushed to the machine. You
> have to agree to a EULA before SP2 will be installed. Even if SP2 is
> downloaded, if you say no to the EULA, it will not be installed. You can
> then tell Automatic Updates to ignore the SP2 update, and it will not bother
> you again.
>
> There is no forced installation of SP2 mentioned anywhere that I have seen.
> I expect, however, that MS will end support of XP SP1a at some point in the
> future.
>
>
>

"jeff",

"GW" was absolutely right about Service Pack 2. It might download onto
machines with Automatic Updates set to download every update, but it will
NOT install unless the user agrees to a EULA, and then clicks a "Next"
button to continue with installation.

Please tell me how this behaved differently on your network.

Sincerely,

Pat Walters [MSFT]


"jeff" <> wrote in message
news:6C4D1979-DC08-41A8-8B85-...
> We didn't notice this till today, but it IS coming from WU and it is
> installing in spite of our GPO blocking it. MS needs to fess up now.
> *.microsoft.com and windows update site are BLOCKED from our campus as of
> 2:45 pm. Hello?
>
> "gw" wrote:
>
> >
> > "dog" <> wrote in message
> > news:2251A827-7BE4-4046-9FA0-...
> > > This is not entirely "incorrect information," because he is partly
right
> > at
> > > least. Microsoft is indeed going to force SP2 upon its customers if I
> > didn't
> > > misunderstand the last paragraph in the link below..
> > >
> > >
> >
http://www.microsoft.com/smallbusine...hub.mspx#block
> > >
> >
> > Did you see the part about "Machines with Automatic Updates enabled" ?
> >
> > Automatic update service can be turned off by the operator. IF Automatic
> > updates are enabled, the DOWNLOAD of SP2 will be pushed to the machine.
You
> > have to agree to a EULA before SP2 will be installed. Even if SP2 is
> > downloaded, if you say no to the EULA, it will not be installed. You can
> > then tell Automatic Updates to ignore the SP2 update, and it will not
bother
> > you again.
> >
> > There is no forced installation of SP2 mentioned anywhere that I have
seen.
> > I expect, however, that MS will end support of XP SP1a at some point in
the
> > future.
> >
> >
> >