Thursday, July 25, 2013

Additional Information On KB2775511 Warning

Yesterday I sent out a tweet about NOT to install KB2775511 since it may cause serious issues in your SCOM environment. Also I blogged about it, to be found here.

The blog posting and tweet got much valuable feedback. Therefore I have decided to share the three most important ones.

01: How about KB2775511 itself?
As it turns out this KB is a rollup package containing 89(!) hotfixes. This KB is rolled out in May 2013 by using the WSUS mechanism. So basically this KB itself is nothing but a package, meaning the package itself doesn’t cause the possible deadlock. Some of its content causes this issue. It might be only one of those hotfixes or a certain combination of multiple hotfixes.

I have contacted Microsoft asking them more detailed information about what hotfixes exactly may cause this issue. As soon as I get feedback I’ll update this posting.

02: What SCOM components may be affected?
As far as I understand it, all components running the SCOM Health Service may be affected. So this means SCOM Agents running on monitored/managed Windows Servers, SCOM Gateway Servers and SCOM Management Servers.

03: Does KB2775511 always cause a deadlock?
One of the readers of my blog, John Bradshaw, reported that KB2775511 is installed a month ago by WSUS on all the servers of his company. All those servers are monitored/managed by SCOM and until now no extra issues have been noticed.

I know John for a long time and he knows what’s he’s talking about. Also the environment he works with is a serious one, looking at scale and diversity. So his feedback on this topic is gold.

Apparently this KB may cause a deadlock under certain conditions – which are still unknown – generating heart beat failure, resulting in greyed out SCOM Agents, Gateway Servers and Management Servers.

Hopefully Microsoft will soon come out with more detailed information since the current situation is uncertain and remains unclear. Skipping or – even worse – rolling back 89 hotfixes is a companies and system engineers nightmare. Even more the reason: it MIGHT cause a deadlock. But as seen in bullet 03, it doesn’t need to happen at all…

No comments: