Microsoft withdraws April Windows 2000 patch

In an unusual move, Microsoft has decided to withdraw one of the security updates that was released last week as part of April's Patch Tuesday. The software giant says that this was due to the patch not addressing the "underlying issue effectively," a fact that only came to light upon further study.

The update in question was supposed to resolve critical vulnerability MS10-025, and involves Windows 2000 Server's handling of network packets when running Windows Media Services.

Andrew Storms, director of security operations at nCircle Network Security, noted that "It's interesting why they chose to pull the patch." Via instant message, Storms mused to Computerworld, "If it doesn't fix the bug, does it have some kind of unexpected outcome? Otherwise, why simply pull it all together and leave a gap in coverage?"

Security analyst Jason Miller, of Pwn2Own fame, is of a different opinion however. Miller thinks that the update was retracted because it doesn't work, and not due to the presence of side effects.

For more on this story:
- check out this article at PCMag Blogs
- check out this article at Computerworld 

Related Articles:
Microsoft to rush emergency patch for Internet Explorer today
Latest security patch triggers BSOD in some Windows PCs
Microsoft urges users to upgrade from IE 6