Microsoft’s latest security updates conflict with some
systems’ security settings by overwriting a previously installed
file.
The security updates were issued on Tuesday 13 December and
Microsoft has been forced to issue an advisory and workarounds to
solve the problem.
Some users of Microsoft’s Software Update Services (SUS) have
found that the status of software updates that had been previously
approved have been changed, potentially leaving their systems open
to attack.
SUS is used by administrators to gain more control over which
Microsoft software patches are installed on their network. When a
patch has been tested and approved for installation, it can be
marked as approved and then installed automatically.
But Tuesday's patches disrupt this process as they overwrote a
file that is used to keep track of approved updates.
The easiest solution to the problem is to restore the
Approveditems.txt file from a backup copy, assuming users have
one.
The Microsoft advisory said, “If you synchronise a server that
is running Microsoft Software Update Services (SUS) 1.0 with
Service Pack 1 (SP1) after 12 December, all the previously approved
software updates may be unapproved.”
Full details on the problem are available here:
support.microsoft.com/?kbid=912307