Microsoft removes patch from Windows Update

Microsoft has stopped offering one of its recent patches, MS10-015, through Windows Update because a "limited number of users" are having difficulty restarting their computers after installing the fix, Jerry Bryant, senior security communications manager at Microsoft, said in a Thursday blog post. Organizations using Systems Management Server (SMS) or Windows Server Update Services (WSUS) can still deploy the patch, which corrects a privilege-escalation flaw in the Windows kernel. Users who decide not to install the fix can apply a workaround, as described in an advisory that originally announced the vulnerability. Microsoft is working to resolve the issue, Bryant said. — DK