Please Explain Windows Side-by-Side
Could someone please explain the nature and operation of Windows Side-by-Side. I am SSA to numerous Windows servers which while fully patched with all available MS security updates still have vulnerable versions of patched files below the C:\Windows\WinSxS folder. Now, security personnel in the various networks where our servers reside are giving me grief over these vulnerable copies. It seems to me that these copies are the responsibility of third-party software vendors--though some are for MS products such as the C++ Runtime. If my understanding of Windows Side-by-Side is correct, Windows security updates deal with the "main copies" of the system files and libraries and patches from other vendors (or other MS patches) would update the WinSxS files. Is this correct? Kind regards, Opus
May 16th, 2010 11:33pm

good blog entry on winsxs over here: http://blogs.technet.com/askcore/archive/2008/09/17/what-is-the-winsxs-directory-in-windows-2008-and-windows-vista-and-why-is-it-so-large.aspx
Free Windows Admin Tool Kit Click here and download it now
May 17th, 2010 1:57am

I saw this article soon after posting my question, but it focuses on newer O/Ses. I failed to mention before that we are using Windows Server 2003, and it is clear that in this O/S, the component store works quite differently. Instead of having the entire O/S in the component store, all that is there are the Windows Side-by-Side assemblies. In our servers, the WinSxS folder is only about 30+MB, but the entire Windows folder is around 4GB. Moreover, the files that are present are known side-by-side assemblies. This definitely shows that the component store was used in a more limited way in this O/S. I am primarily interested in what happens when Windows Update installs a patch in Windows Server 2003. Here is what I imagine it would do: For a Windows Side-by-Side assembly: Create a new delta of an assembly in the component store. Project that new assembly into the system however it requires. Retain all previous deltas. For a non-Windows Side-by-Side assembly, it would just overwrite the assembly in the "real" file system location. This would explain the persistence of "vulnerable assemblies" in our servers while still being such a limited size. Kind regards, Opus
May 17th, 2010 5:06am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics