Hey, IT Pros! Chris Harrod here. I'm a Senior Premier Field Engineer here at Microsoft and would like to introduce you to a pretty slick tool written by Julien Clauzel in his spare time called SilverSeekKB. It was previously an internal tool exclusive to Microsoft, and has recently been made available to the public, which I think is pretty awesome. I've been taking advantage of this tool for quite some time to quickly assist in performing root cause analysis on a wide range of problems I encounter in my customers' environments. SilverSeekKB helps in determining the latest version of nearly any Microsoft binary, to include SQL, Exchange and a myriad of other products we've released. You’re probably wondering “That’s great, why is that so important?” As most IT administrators can attest, it takes a lot of effort to keep up with all the changes our products undergo with hotfixes and updates. SilverSeekKB allows you to identify possible hotfix solutions attributed to files or executables found in your troubleshooting process. Quite frequently I found I wasn’t aware there was a hotfix for the issue. I’m hoping you’ll add this to your troubleshooting toolbox before jumping into your favorite search engine and typing in a bunch of symptoms. It’s important to note that this tool only provides openly available information and it is ultimately up to the end-user in determining what hotfixes are applied. Please review the EULA for more information.
First, let's take a look at the SilverSeekKB UI and then we’ll go over a case study to illustrate its benefits. Generally, you'll start in the Main tab and you can place all of the binaries you want to search for in a space delimited format. From the pull-down menu, select the product you're looking for.
Clicking on "Search all latest builds" will kick you over to the summary tab where you can find the latest version of each file
To find granular detail on the files of all previous versions, and list hotfix information for each release, move over to the Details tab. Here you'll see every General Distribution Release and Limited Distribution Release version of the files. Notice the different file versions in the image below. If you're unfamiliar with the difference between GDR and LDR you can brush up at this blog. We highly suggest understanding the difference between the release branches and the implications from deviating from the GDR branch before applying LDR hotfixes to your baseline.
Scenario: A customer brings you a laptop that has been continuously experiencing a bug check, or as you may frequently hear it described as a BSOD. In this case we’re lucky enough to have a minidump of the crash, so let’s dig in and figure out what happened. We won't go over debugging in this blog, but we'll skim the surface so you can get a good start.
Using WinDBG, open the minidump and run the command vertarget. You’re going to want this information so you’re looking for the right updates in SilverSeekKB rather than searching every OS.
Conducting a !analyze –v will tell us what the debugger thinks it may know about what was going on at the time. The debugger’s conclusion of why we had a bug check can be seen at the top. This is important to remember, which I’ll demonstrate shortly. Before we go any further, note that there is a LOT more that goes into true debugging beyond opening a crash dump and firing off !analyze –v.
It looks like we may have had a problem with a driver called usbvideo.sys, so let’s start there. Let's find out what version this machine was using with the lmvm command.
At this point, we're not sure if there are any updates to the driver. Let's consult SilverSeekKB to see if there any hotfixes that may relate to our problem. We can see that there are newer versions, but the latest version is a security update that was available on Windows Update.
We're probably going to want to apply that update, but let's dig down a little deeper to see if there was a hotfix for this specific issue. On the Details tab, we can see all of the updates.
Looks like there were some updates for this specific problem (SYSTEM_THREAD_EXCEPTION_NOT_HANDLED). Because there are security updates for this video driver, my suggestion would be to apply the latest GDR version, knowing that the modifications for the earlier hotfix are in the latest version.
Usually, when I encounter an odd problem and I don’t have a minidump or process dump, I’ll go ahead and look for hotfixes by researching the components of whatever particular technology is involved.
Hopefully everyone will find this tool as useful as I do! Feel free to reach out in the comments section below if you have additional questions. Good luck!