After the release of MS06-007 on Tuesday 14 February 2006, Microsoft became aware of an issue affecting  the installation of MS06-007.

Microsoft quickly investigated the issue and determined that customers who attempted to install the MS06-007 security updates through Automatic Updates, Windows Update, Windows Server Update Services and Systems Management Server 2003 when using the Inventory Tool for Microsoft Updates (ITMU) were affected. The issue did not affect customers who installed the updates through Software Update Services or through Systems Management Server when not using ITMU, or manually installed the Security Update from the Microsoft Download Center

Our investigation has concluded that issue was an installation issue where MS06-007 was not successfully installing when users attempted to install it through affected distribution channels. The issue does not affect the security update MS06-007 itself. When successfully installed, MS06-007 fully protects against the Internet Group Management Protocol (IGMP) vulnerability. Also, the installation issue only affects MS06-007; no other security updates were affected by this issue.

Microsoft has updated these distribution channels to correct these issues. Customers who encountered this issue should take the following actions:

  • Automatic Updates (AU) - AU customers need take no action: the new updates will automatically download.
  • Windows Server Update Services (WSUS) - WSUS Administrators who had synchronized their WSUS Server to obtain the updates released on Tuesday 14 February, before 8:30PM PST that evening should manually synchronize their WSUS Servers and approve the new updates.
  • Systems Management Server 2003 with the Inventory Tool for Microsoft Updates (ITMU) - SMS Administrators should who had synchronized their servers to obtain the updates released on Tuesday 14 February, before 8:30PM PST that evening should re-synchronize their servers for the latest updates.
  • Microsoft Update (MU) and Windows Update - Customers who visited MU and WU before 8:30 PM on Tuesday February 14th, should revisit MU or WU and accept the downloads being offered to them.

Our investigation has determined there was an issue in the distribution infrastructure in handling this particular update which has been identified and resolved. Microsoft is taking steps to prevent similar issues from occurring in the future.

From an SMS ITMU perspective, this only affects customers who run both SMS ITMU and AU in their environment, becaues this issue only affected the binary delta version of the update and not the full file version (the one that ITMU always uses by default). If AU downloads the binaries before ITMU does, when ITMU tries to copy the files, it will recognize that the WUA cache already contains the updates and attempt to execute the installer package, which due to the above issue, will fail. If an SMS customer is in this situation, they simply need to just let their advertisements for ITMU re-run. When AU runs again it will detect that the binary delta update has been removed, and clear it from the cache. Then SMS ITMU will download and successfully install the update.