Microsoft’s latest security updates conflict with some systems’ security settings by overwriting a previously installed file.
The security updates were issued on Tuesday 13 December and Microsoft has been forced to issue an advisory and workarounds to solve the problem.
Some users of Microsoft’s Software Update Services (SUS) have found that the status of software updates that had been previously approved have been changed, potentially leaving their systems open to attack.
SUS is used by administrators to gain more control over which Microsoft software patches are installed on their network. When a patch has been tested and approved for installation, it can be marked as approved and then installed automatically.
But Tuesday's patches disrupt this process as they overwrote a file that is used to keep track of approved updates.
The easiest solution to the problem is to restore the Approveditems.txt file from a backup copy, assuming users have one.
The Microsoft advisory said, “If you synchronise a server that is running Microsoft Software Update Services (SUS) 1.0 with Service Pack 1 (SP1) after 12 December, all the previously approved software updates may be unapproved.”
Full details on the problem are available here: