Microsoft Reissues Patch, Encourages XP SP2, SP3 Re-Installs

Microsoft vulnerability still present from flaw thought fixed a weeks ago.

Microsoft Thursday blamed human error for having to reissue a patch originally released last week to close a critical flaw in Windows and encouraged users of Windows XP SP2 and SP3 to install it promptly.

MORE ON CIO.com

Microsoft's Critical Bluetooth Patch Didn't Work on XP

Windows XP SP3 Omits Critical Security Update

Microsoft Releases Windows XP SP3... Again

The company said patch MS08-030, issued on June 10, did not completely solve a vulnerability in Windows XP's Bluetooth stack that could allow a hacker to execute code on the compromised machine. The same patch also covered Windows Vista, but Microsoft said the problem does not affect that version of the operating system.

"Microsoft security bulletin MS08-030 does not fully address the vulnerability discussed in the security bulletin for these versions [SP2, SP3]," Christopher Budd, security response communications lead for Microsoft said on the Microsoft Security Response Center blog

Budd blamed the issue on "two separate human issues" and said Microsoft is investigating how the ineffective patch was eventually released. “When we're done with our investigation, we'll take steps to better prevent it in the future," Budd said.

Microsoft said the update is available through all the typical channels: Automatic Updates, Windows Update and Windows Server Update Services.

MS08-030 was part of Microsoft's monthly release of security updates issued last week. The patches addressed 10 vulnerabilities.

The problems with MS08-030 are not the only issues spawned by the June 10 release. Microsoft last week confirmed that corporations using System Center Configuration Manager 2007 and System Management Server 2003 client software could not use patch distribution features to install the updates. The company issued a fix for that problem on June 17.

This story, "Microsoft Reissues Patch, Encourages XP SP2, SP3 Re-Installs" was originally published by Network World.

Related:

Copyright © 2008 IDG Communications, Inc.

Get the best of CIO ... delivered. Sign up for our FREE email newsletters!