Microsoft has withdrawn an update for Windows Server because the patch, issued eight days ago, does not treat the root cause of the problem it was meant to fix.

MS10-025 was designed to address a flaw specific to Windows 2000 Server installations also running Windows Media Services.

The bug was critical for affected users, who are now advised by Microsoft to relying on previously published mitigations against attack while they wait for an effective patch, promised for next week. Redmond assured users that the bug is not being actively exploitated by hackers.

Microsoft's explanation for withdrawing the update can be found on its Security Response blog here. A brief note on the issue from the Internet Storm Centre is here. ®

Related stories

• So long then, Windows 2000 (15 July 2010)
• MS kernel patch skirts infected machines (16 April 2010)
• Microsoft, Adobe, Oracle unite with massive patch batch (13 April 2010)
• MS delivers emergency IE fix (30 March 2010)
• Microsoft pushes temporary security fix to IE laggards (15 March 2010)
• Rootkit blamed for Blue Screen patch update snafu (15 February 2010)