The check was performed by querying the server for a file, "cucif.cab", which contains a list of all the critical updates released for the user's operating system.The Critical Update Notification Tool then compared this list with the list of installed updates on the user's machine, and displayed a message to the user informing them of new critical updates if they were available. Moore in early 1999 was critical of this approach, describing it as "horribly inefficient" and susceptible to attacks.This has been raised before but I can't find the post/thread.This is the Error Reported when trying to run the on a Win 7 client. I don't know but I doubt the problem is confined to this one executable.As the number of updates offered by Windows Update grew, this resulted in performance concerns.Arie Slob, writing for the newsletter in March 2003, noted that the size of the update list had exceeded 400KB, which caused delays of more than a minute for dial-up users.System administrators can configure Windows Update to install critical updates automatically so long as the computer has an Internet connection, without the user needing to install them manually, or even be aware that an update is required.
The Active X component then executes the downloaded installation files in their silent/unattended mode to install or update those components, and to report the success or failure of those installations back to Microsoft's servers.Shortly after the release of Windows 98, Microsoft released a Critical Update Notification Tool (later called Critical Update Notification Utility) through Windows Update, which installed a background tool on the user's computer that checked the Windows Update web site on a regular schedule for new updates that have been marked as "Critical".By default, this check occurred every five minutes, and when Internet Explorer was started, though the user could configure the next check to occur only at certain times of the day or on certain days of the week.Once the check executed, any custom schedule defined by the user was reverted to the default; Microsoft stated that this was by design in order to ensure that users received notification of critical updates in a timely manner. In a posting to Bug Traq, he explained that, "every single Windows 98 computer that wishes to get an update has to rely on a single host for the security.If that one server got compromised one day, or an attacker cracks the MS DNS server again, there could be millions of users installing trojans every hour.The first version of the Windows Update web site (usually referred to as "v3") did not require any personally-identifiable information to be sent to Microsoft.