Microsoft Corp. has reported a problem with one of its security patches released yesterday that requires some users to take additional steps to ensure it installs properly.
The problem affected patch number MS06-007, which fixes a TCP/IP vulnerability in several versions of Windows that could allow a denial-of-service attack. Microsoft called the patch important but not critical, and said users should install it as soon as possible. It was one of several patches released yesterday (see "Microsoft issues seven security patches").
Soon after its release, Microsoft discovered a problem for users who tried to install MS06-007 through the following channels: Automatic Updates, Windows Update, Windows Server Update Services (WSUS), and Systems Management Server 2003 when used with the Inventory Tool for Microsoft Updates (ITMU), the company said.
Customers using Automatic Updates don't have to take any action because the patch will install properly with their next scheduled update, Microsoft said.
However, Microsoft Update and Windows Update customers who visited those sites before 8:30 p.m. Pacific Time yesterday need to revisit them and accept the security updates being offered, the company said.
Likewise, WSUS and Systems Management Server 2003 administrators who synchronized their servers to obtain the updates before 8:30 p.m. Pacific Time yesterday should manually synchronize their servers and approve the new updates, Microsoft said.
The updated instructions are in the Frequently Asked Questions section of the bulletin.
The problem didn't affect customers who installed the updates through Software Update Services or through Systems Management Server when not using ITMU, or who manually installed the patch from the Microsoft Download Center, the company said.
There was no problem with the patch itself, only the installation process, according to Microsoft. When the patch is installed properly, it protects against the vulnerability.
MS06-007 was one of seven patches released yesterday. The others included fixes for "critical" security flaws in Internet Explorer and Windows Media Player.
So much for their 'extensive testing' eh.
Anyways, WSUS pulled the updated..er...update last night some time and autoapproved it. Just a few machines needed rebooting this morning.
There are currently 1 users browsing this thread. (0 members and 1 guests)