Microsoft pulls critical security patch

Microsoft has pulled a security bulletin from its website

In a last minute decision, Microsoft said on Friday that it would not release a critical Windows patch that it had promised to distribute on 12 September. 

Late on Friday afternoon US time the software vendor pulled a security bulletin from its website that it had published on Thursday, giving system administrators advance warning of its monthly patch release.

The original bulletin promised to plug a hole in Windows which Microsoft rated as 'critical', its most severe security ranking. The bulletin was replaced by a webpage explaining that "no new security updates" would be released. 

Microsoft rates flaws as 'critical' only when they can be exploited without user interaction.

Because the software vendor has not yet disclosed any details about the flaw that the patch was supposed to fix, the delay should not put users at any additional risk.
Microsoft released six patches last month as part of its monthly update cycle, one of which was rated 'critical'. Worm authors crafted the Zotob worm within days, exploiting the security hole and wreaking havoc on Windows 2000 computers across the internet.

The Microsoft website did not say whether the speed at which the worm writers succeeded in exploiting recent flaws played a part in the decision to pull the patch.

The software maker will still go ahead with the release of one non-security update for Windows as well as an updated version of its Malicious Software Removal Tool.