In a last minute decision,
Microsoft said on Friday
that it would not release a critical Windows patch that it had
promised to distribute on 12 September.
Late on Friday afternoon US time the software vendor pulled a security
bulletin from its website that it had published on Thursday, giving system
administrators advance warning of its monthly patch release.
The original bulletin promised to plug a hole in Windows which Microsoft
rated as 'critical', its most severe security ranking. The bulletin was
replaced
by a webpage explaining that "no new security updates" would be released.
Microsoft rates flaws as 'critical' only when they can be exploited without
user interaction.
Because the software vendor has not yet disclosed any details about the flaw
that the patch was supposed to fix, the delay should not put users at any
additional risk.
Microsoft released six patches last month as part of its
monthly update cycle, one of which was rated 'critical'. Worm authors crafted
the Zotob worm within days, exploiting the security hole
and wreaking havoc on Windows 2000 computers across the internet.
The Microsoft website did not say whether the speed at which the worm writers
succeeded in exploiting recent flaws played a part in the decision to pull the
patch.
The software maker will still go ahead with the release of one non-security
update for Windows as well as an updated version of its
Malicious
Software Removal Tool.
Do you agree?
Have your say on this article