Microsoft has withdrawn Windows 8.1 Update 1 from its Windows Server Update Services (WSUS) platform over reports that it causes client systems to ignore future patches, even as it warns that machines without the update will be left behind at the end of the month.
Microsoft's Windows 8.1 Update 1, a required update for future security fixes, has been pulled from its corporate WSUS distribution service following the discovery of an update-blocking flaw.
A major update for Windows 8.1, previously codenamed Windows Blue, Windows 8.1 Update 1 adds a number of enhancements and improvements to Microsoft's flagship operating system. Many of these address criticisms regarding the user experience, which many still claim is weaker than Windows 7 when used on a device without a touch-screen display. Although some enhancements are being held back for future release - in particular the reintroduction of the Start Menu, dropped in Windows 8 in favour of the tile-based Start Screen - it's considered a major update for the platform.
It's major enough, in fact, that Microsoft is mandating its installation: computers running Windows 8.1 without Update 1, the company has advised, will cease receiving updates at the end of the month - including critical security updates. Those who want to remain protected, then, are gently encouraged to make sure that the update has been installed before the month is out.
That's easier said than done for corporate customers, however: Microsoft has pulled the update from its WSUS platform, which allows for distribution of approved software patches within an internal network, following reports of a serious flaw. When installed on a Windows 8.1 system, the computer loses the ability to check the WSUS server for future updates.
Although the flaw only affects servers running encrypted HTTPS connections, which is not the default, but with the latest TLS 1.2 functionality disabled, which is the default, the flaw is serious enough for the update to be removed from distribution. Although it will still be available through Windows Update for home users, WSUS administrators are asked to wait for an updated version to be released; those who have already deployed the flawed update can either enable TLS 1.2 if running WSUS on Windows Server 2008 R2 or disable HTTPS altogether if running on any other platform.
Microsoft has not offered a date for the patch's rerelease.