Microsoft pulled security patch MS10-015 from its Windows Update service early on Friday. The patch, designed to resolve a vulnerability in the Windows kernel that could allow an elevation of privilege, was rated important, and affected versions of the Windows operating system from XP with service pack two, through to Windows 7 for 32-bit systems.
"In our continuing investigation into the restart issues related to MS10-15 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior," said Jerry Bryant, senior security communications manager lead at Microsoft. "We are not yet ruling out other potential courses at this time and are still investigating."
The problem caused so much consternation among users that Microsoft employees were forced to drive out to customer locations to carry out memory dumps from affected machines, Microsoft said. Because the problem made it impossible to reboot affected computers, remote analysis was made very difficult.
Although Microsoft stopped offering the update through Windows Update as soon as it discovered the restart issues, users of enterprise deployment systems such as Systems Management Server or Windows Server Update Services will still see the packages and be able to deploy them.