Christopher Budd on the MSRC weblog confirmed that enterprise administrators using one of its patch distribution tools have not been able to install last week’s security updates. The company offered a workaround Microsoft Security Advisory 954474 and said it is working on a fix.
“we’re aware of an issue that is affecting the deployment of the June 2008 security updates. This issue only affects customers using System Center Configuration Manager (ConfigMgr) 2007; none of our other detection or deployment technologies are affected. Also, the issue only affects the deployment of security updates to System Management Server (SMS) 2003 clients of ConfigMgr 2007 servers. This means that to be affected by this issue, you must be running a mixed ConfigMgr 2007 and SMS 2003 environment. If you are not running this specific configuration, this issue does not affect you.”
The impact of this issue is that customers in this configuration cannot deploy the June 2008 security updates to their SMS 2003 clients using the Inventory Tool for Microsoft Updates (ITMU).
Our security response process focuses not just on releasing security updates but also on monitoring and making sure customers can deploy them. Because of this, in response to this issue, we’ve activated our Software Security Incident Response Process (SSIRP) and our engineering teams are working to develop a solution for this issue. We’ll update the MSRC weblog and the advisory with more information as we have it.
In the meantime, customers can use the Software Distribution within ConfigMgr 2007 to deploy the June security updates as indicated in the security advisory.