Microsoft has admitted that a number of firms have been unable
to patch their systems with the
monthly security patches the firm released last week, leaving
them vulnerable to attacks.
The fault lies in a Microsoft platform designed to make it
easier to handle and distribute security patches and other
software.
"This advisory is to let customers know that we're aware of an
issue that is affecting the deployment of the June 2008 security
updates. This issue only affects customers using System Center
Configuration Manager [ConfigMgr] 2007," Microsoft said in its
security blog.
It went on, "None of our other detection or deployment
technologies are affected. Also, the issue only affects the
deployment of security updates to System Management Server (SMS)
2003 clients of ConfigMgr 2007 servers".
This means that to be affected by the issue, said Redmond, users
must be running a mixed ConfigMgr 2007 and SMS 2003 environment.
Those that are not should not be affected.
"The impact of this issue is that customers with this
configuration cannot deploy the June 2008 security updates to their
SMS 2003 clients using the Inventory Tool for Microsoft Updates
(ITMU)," the firm said.
Microsoft has suggested
a
workaround to the problem in an advisory.