Yesterday, Microsoft released a major revision to MS10-025 (Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution). While Microsoft revises security bulletins frequently, rarely do you see a major revision within a week of the original release. The reason for this revision is that "the original security update did not protect systems from the vulnerability described in this bulletin." As of this writing, Microsoft has pulled down the patch for MS10-025 (KB980858) and requested customers follow one of the following mitigation steps:
- Stop and disable Windows Media Unicast Service - Uninstall the Windows Media Services component using Windows Component WizardThis vulnerability only affects Windows 2000 Servers that have Windows Media Services running. As such its attack surface should be fairly small. According to MSRC, Microsoft plans to re-release MS10-025 sometime next week with the proper fix in place.