Microsoft has reported a problem with one of its security patches released yesterday that requires some users to take additional steps to ensure it installs properly.
The problem affected patch number MS06-007, which fixes a TCP/IP vulnerability in several versions of Windows that could allow a DoS (denial-of-service) attack. Microsoft called the patch important, but not critical, and said users should install it as soon as possible. It was one of several patches released yesterday.
Soon after its release, Microsoft discovered a problem for people who tried to install MS06-007 through the following channels: Automatic Updates, Windows Update, WSUS (Windows Server Update Services), and Systems Management Server 2003 when used with the ITMU (Inventory Tool for Microsoft Updates), the company said.
Customers using Automatic Updates don't have to take any action because the patch will install properly with their next scheduled update, Microsoft said.
However, Microsoft Update and Windows Update customers who visited those sites before 4:30am GMT today need to revisit them and accept the security updates being offered, the company said.
Likewise, WSUS and Systems Management Server 2003 administrators who synchronised their servers to obtain the updates before this time should manually synchronise their servers and approve the new updates, Microsoft said.
The updated instructions are in the FAQs section of the bulletin.
The issue didn't affect customers who installed the updates through Software Update Services or through Systems Management Server when not using ITMU, or who manually installed the patch from the Microsoft Download Center, the company said.
There was no problem with the patch itself, only the installation process, according to Microsoft. When the patch is installed properly it protects against the vulnerability.
MS06-007 was one of seven patches released yesterday. The others included fixes for 'critical' security flaws in Internet Explorer and Windows Media Player.