Microsoft's security patches hit snag

A glitch in Microsoft's latest security updates is causing a minor annoyance for Software Update Services users.

Some users of Microsoft's Software Update Services (SUS) may be experiencing a minor annoyance, thanks to a glitch in the company's latest security patches, released Tuesday. The latest update may be changing the status of software updates that had been previously approved by administrators who use the service, according to Microsoft.

"If you synchronize your server after December 12, 2005, all previously approved updates may be unapproved and the status may appear as 'updated,' Microsoft said in a note published Wednesday.

SUS is used by Microsoft administrators to gain more control over which Microsoft software patches get installed on their network. When a patch has been tested and determined to be appropriate for installation, it can be marked as "approved" and then automatically installed on the PCs being managed by the service.

Tuesday's glitch disrupts that process.

The problem is that the latest updates appear to have overwritten a file that is used to keep track of approved updates, said Russ Cooper, a scientist at security vendor Cybertrust.

Microsoft's note lists a number of work-arounds for this issue, but the simplest solution is to simply restore this file, called Approveditems.txt, from a backup copy, Cooper said.

"This shouldn't be a big problem for anybody because you're backing up that text file, aren't you?" he said. "But if you're not, be prepared to do a bunch of clicking."

Microsoft plans to release a script that will reset these settings to a previous state, the company said.

Join the newsletter!

Error: Please check your email address.

More about Microsoft

Show Comments