IIS went down this morning after KB 958644 was isntalled automatically last night. My sites were showing "Service Unavailable"
there were several system event logs like so:
- A process serving application pool '.Net 2.0 App Pool' suffered a fatal communication error with the World Wide Web Publishing Service. The process id was '2960'. The data field contains the error number.
- Application pool '.Net 2.0 App Pool' is being automatically disabled due to a series of failures in the process(es) serving that application pool.
rebooting the server did not solve the problem. so, on further research,
KB article 885654 revealed the cause of the errors, lack of registry permissions for NETWORK SERVICE. i hadn't changed any configuration on the server so assumed it was caused by a change in that windows update package. i dug out
ProcessMonitor and set up a registry filter for w3wp.exe where the Result was ACCESS DENIED. there were about 50 entries during the time i enabled event capture and loaded up one of the sites that uses the affected application pool. Most of them pointed to SystemCertificates entries. I went through each one in regedit and gave NETWORK SERVICE full control where the process attempted to Create a key, and Read only access where the process attemped to Open the key. worked fine then.
hope this helps someone out.