Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Re: Critical Updates

0 views
Skip to first unread message

PA Bear [MS MVP]

unread,
Apr 15, 2009, 7:13:33 PM4/15/09
to
The 14 Apr-09 behavior is normal & expected AFAIK. Dunno if we'll see it
again when the next version of the MSRT is released next month but I suspect
we won't.

PS: The MSRT is not a "ciritical update."
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Client - since 2002

AliceZ wrote:
> I just downloaded several Critical Updates for my WinXP (sp3) and > when I
> looked at the log I noticed a new line was included.
> In the past it read:
> "Microsoft Windows Malicious Software Removal Tool v2.8, March 2009
> Started
> On Wed Mar 11 12:15:32 2009 Results Summary: No infection found.Return
> code: 0 Microsoft Windows Malicious Software Removal Tool Finished On Wed
> Mar 11 12:17:03 2009"
> The new log reads:
> "Microsoft Windows Malicious Software Removal Tool v2.9, April 2009
> Started
> On Tue Apr 14 17:38:23 2009 Security policy adjusted. Engine requests
> reboot
> and try again, ignoring. Results Summary: No infection found. Return
> code:
> 0 Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 14
> 17:39:47 2009
> Does the new line - "Security policy adjusted. Engine requests reboot and
> try again, ignoring." - mean anything? Or is it just something new that
> will
> continue to show in the logs? I noticed it on my other 3 computer's
> Malicious logs (re KB890830). thanks, Alice
>
> (Answer received on MS Community Security Adm forum - FAIK this is nothing
> to worry about. But you could try posting in m.p.security or
> m.p.windowsupdate if you're very concerned, to see whether they have any
> clues.)

AliceZ

unread,
Apr 15, 2009, 7:48:01 PM4/15/09
to
I'm sorry. I should have mentioned that I was referring to the Update KB
890830 and when I looked in the log for the Malicious Software Removal Tool
(KB890830), I saw that new line = "Security policy adjusted. Engine requests
reboot and try again, ignoring."
I never saw that line before and I wondered if it was something new and I
would continue to see it (and that it wasn't pointing to a 'problem').

===============

PA Bear [MS MVP]

unread,
Apr 15, 2009, 8:25:03 PM4/15/09
to
Again, yes, it is something new, I've never seen it before either (and my
MRT log goes back to April 2005), and no one knows if we'll see it again
(but I expect we won't).

AliceZ wrote:
> I'm sorry. I should have mentioned that I was referring to the Update KB
> 890830 and when I looked in the log for the Malicious Software Removal
> Tool
> (KB890830), I saw that new line = "Security policy adjusted. Engine
> requests
> reboot and try again, ignoring."
> I never saw that line before and I wondered if it was something new and I
> would continue to see it (and that it wasn't pointing to a 'problem').
>

Drew

unread,
Apr 27, 2009, 1:22:01 PM4/27/09
to
I noticed the 'Security policy adjusted' message in my April log as well.
And it looks like the account of the user that installed the tool was granted
the 'Debug programs' user right. Is this normal?

PA Bear [MS MVP]

unread,
Apr 27, 2009, 3:25:43 PM4/27/09
to
Dunno.

Harry Johnston [MVP]

unread,
Apr 30, 2009, 5:02:50 PM4/30/09
to
PA Bear [MS MVP] wrote:

> Dunno.

I dunno either, but my educated guess would be yes. It would hardly be
surprising if the MSRT needs to peek into various processes to decide if they're
malicious, and you need the debug programs user right to do so.

Harry.

0 new messages