Windows Update "Express" or "Custom" generates persisted key files

Discussion in 'Windows Update' started by Mitch Gallant, Apr 22, 2006.

  1. Not sure if this is a bug or by design (was suggested by MS person that is
    probably a bug)
    XP Pro/Home sp2 fully patched as of 04/24/2006.

    Visiting the Windows Update site and manually checking for updates (either
    Express of Custom" generates two keycontainer files at almost the same
    instant in the Machine keycontainer folder at:
    C:\Documents and Settings\All Users\Application
    Data\Microsoft\Crypto\RSA\MachineKeys
    Each of these files I have confirmed contains two 512 bit keys (an Exchange
    and a Signature keypair). The file-generation happens at the instant the
    button(s) are clicked (before the local scan and any install recommendations
    are found).

    This is reproducible and several others have verified this behaviour.
    However, if Windows updates automatically, the files are not generated (or
    at least persisted).

    Q1: Are these machine keycontainer files supposed to be persisted by
    Windows Update?
    Q2: If so, what are they used for?

    Generally applications can create transient keycontainers but should
    definitely clean them up.
     
    Mitch Gallant, Apr 22, 2006
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.