| Event Id | 16389 |
| Source | WindowsUpdateV3 |
| Description | "The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. The following information is part of the event: V3_2|5421|INSTALL|Q320206: Security Update|1,10,101,0|2002- 05-28 10:32:50|1|FAIL|0x80004005|Unspecified error|." |
| Event Information | According to Microsoft: CAUSE: This vulnerability occurs because of a flaw in how access to the debugging facility in Windows is validated. Because of a flaw in how requests to attach to the system debugger are authenticated, unauthorized programs may be able to gain access to the system debugger. According to Some News Reader: This problems appears to be caused by a corruption in the update cache. This may happen to Service Packs or security updates. Check the contents of the file wuhistv3.log, in your Program Files\windowsupdate folder. It may cause of the problem. Remove this folder WindowsUpdate located at C:\Program Files\WindowsUpdate out of your path; somewhere safe but where the system will not look for it. If all goes well when you go back to the update site remove it. Note that some updates youve installed may appear again. |
| Reference Links | MS02-024: Authentication Flaw in Windows Debugger Can Cause Elevated Privileges |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.