Skip the navigation

Microsoft fixes month-old WSUS patch snafu

Corrects latest update gaffe plaguing business users

July 10, 2008 12:00 PM ET

Computerworld - Microsoft Corp. yesterday issued a fix for a flaw that had blocked users from grabbing security patches through Windows Server Update Services (WSUS) for several weeks.

The hotfix, which Microsoft outlined in a support document published Wednesday, addresses a snafu first reported by the company's WSUS program manager, Cecilia Cole, three weeks ago.

At the time, Cole said that PCs with Office 2003, or components of that version of the application suite, were unable to retrieve updates from their designated WSUS servers because of an unspecified bug.

The WSUS problem was the second in two weeks with one of Microsoft's patching mechanisms. In mid-June, some corporations running System Center Configuration Manager 2007 (ConfigMgr) were unable to push patches to end users' machines. In both cases, a June update to Office 2003 Service Pack 1 was involved, Microsoft admitted. But it offered no further details.

Last week, in fact, a Microsoft spokesman said it was "premature" to say that the WSUS problem was related to a ConfigMgr glitch.

In yesterday's support document, Microsoft acknowledged that the WSUS bug was rooted in the Office 2003 update, but it didn't provide details. "This problem occurs because a recent revision to an Office 2003 Service Pack 1 update causes some WSUS 3.0 servers to incorrectly synchronize the revised update with the update's approvals," read the document. "When the affected client computers communicate with such a server, the Web service is unable to process the approvals. Therefore, the detection is unsuccessful."

Microsoft did not immediately reply to a request for more information about a possible link between the WSUS and ConfigMgr troubles.

However, the company did say it is still working on delivering the fix through the normal Windows Update and WSUS channels; currently, the patch is available only as a manual download.

"When released through WU/WSUS, it will be marked as a mandatory update, which means it will appear in the Updates/WSUS Updates node of the Admin console, and will be auto-approved by default," warned Marc Shepard, lead program manager, in an entry posted today to the WSUS team's blog.

Read more about Security in Computerworld's Security Topic Center.



Our Commenting Policies
Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!