You can't always get it right. And Microsoft didn't get it right with one of the Bluetooth patches it issued last week on June's Patch Tuesday.
MS08-030 was listed as "critical" on June 10th, one of seven security updates patching ten vulnerabilities in Windows / other software. MS08-030 was supposed to fix a security vulnerability in Windows' Bluetooth implementation.
In a blog post announcing the re-release of MS08-030, Microsoft said:
After we released MS08-030 we learned that the security updates for Windows XP SP2 and SP3 might not have been fully protecting against the issues discussed in that bulletin. As soon as we learned of that possibility, we mobilized our Software Security Incident Response Process (SSIRP) to investigate the issue.
Our investigation found that while the other security updates were providing protections for the issues discussed in the bulletin, the Windows XP SP2 and SP3 updates were not.
Yep, that means what it sounds like: patches for other OSes were just fine, but not XP.
According to Microsoft, human error, at least two instances of it, seem to have been the root cause, though the investigation is still ongoing.
Our focus has been on delivering new versions of these updates to protect customers as quickly as possible. Now that that’s done, as part of our standard process, we’re beginning an investigation into how this happened. We’re just starting this investigation, but early on, it appears that there may have been two separate human issues involved. When we’re done with our investigation, we’ll take steps to better prevent it in the future.
Source: By Tech Ex http://technologyexpert.blogspot.com/
Comment and add to the story without registration, but keep the comments meaningful please. Links are not accepted.
