Again, many replies summarized below. Longer URLs are probably wrapped to
multiple lines. The original URLs are supplied, and a TinyURL offered after
each.
Cheers,
Russ - NTBugtraq Editor
1. I got a response from a reliable source at Microsoft. They suggested;
Here is a suggestion you may try and resolve the error. I would also focus on
if the user has a firewall or proxy server and this maybe preventing from
accessing the windows update site....
"The error 0x80072f78 means ERROR_HTTP_INVALID_SERVER_RESPONSE The server
response could not be parsed. This is usually a proxy or firewall filter issue
try having the customer add the following to his trusted sites list.
Please check and verify your proxy or firewall configuration that maybe causing
the error when accessing the Windows update site.
Add the following Trusted Sites:
A. Start Internet Explorer.
B. On the Tools menu, click Internet Options.
C. Click the Security tab.
D. Click the Trusted sites icon.
E. Click the Sites button.
F. Clear the Require server verification (https:) for all sites in this zone
check box.
G. Use the Add button next to the Add this Web site to the zone box to add the
following sites:
http://*.windowsupdate.microsoft.com
https://*.windowsupdate.microsoft.com
http://download.windowsupdate.com
H. Click OK.
2. Susan Bradley, [SBS Community Member] said;
Lemme guess ISA server? Egress filtering full on?
<http://msmvps.com/bradley/archive/2004/09/14/13534.aspx>
<http://tinyurl.com/5haqz>
3. James Roche proffered;
Two possible scenarios for the cause of this issue.
1. A firewall with content filtering is preventing the Windows systems from
automatically updating root certificates.
2. A group policy setting is set to prevent the automatic updating of root
certificates.
(Before proceeding with the steps below, make a note of the settings and make
sure you can bring your browser settings back to the desired settings when you
are done updating from WindowsUpdate.)
One potential workaround would be to uncheck:
"Check for publisher's certificate revocation"
"Check for servers certificate revocation"
"Check for signatures on downloaded programs"
Clear your IE cache and restart the computer.
Visit WindowsUpdate.
Ideally, you would want your systems to automatically update their root
certificates from Microsoft as a means of trusting their servers properly.
4. Ron Katrivas asked;
Have you looked at this?
<http://support.microsoft.com/default.aspx?kbid=836985>
<http://tinyurl.com/3n7ml> I had the same problems and they were related to
esafe server filtering net communication from windows update site. I would try
direct connection Just for problem isolation.
5. John <Bingham552> was wondering the same thing, and in addition reminds
everyone;
<paraphrased by me>
Windows Update logs its errors;
V4 - %systemroot%\Windows Update.log
V5 - %systemroot%\WindowsUpdate.log
Have a look to see where the error occurs and names/addresses that might need
included in your trusted zone? Failure at certain points requires cleaning out
directories to allow WindowsUpdate to run.
</paraphrased by me>
6. Tony Dalton-Richards supplied;
Hi - If you are using an authenticating proxy server then this is a known
issue. See <http://support.microsoft.com/default.aspx?scid=kb;en-us;885819>
<http://tinyurl.com/5yu35> and then
<http://support.microsoft.com/default.aspx?kbid=838893>
<http://tinyurl.com/596qu>
7. John Taylor had seen this before;
I got the same message and managed to track the problem down to my firewall.
I'm running Norton firewall and was blocking Generic Host process for win32
services from accessing the Internet. Once I allowed this to access the
Internet V5 Windows Update worked OK.
--
NTBugtraq Editor's Note:
Want to reply to the person who sent this message? This list is configured such
that just hitting reply is going to result in the message coming to the list,
not to the individual who sent the message. This was done to help reduce the
number of Out of Office messages posters received. So if you want to send a
reply just to the poster, you'll have to copy their email address out of the
message and place it in your TO: field.
--
