On Tuesday night, the software giant's WindowsUpdate and AutoUpdate systems applied a patch to many Windows XP systems to fix an issue that originally was patched in November. The patch--and even some of the software giant's employees--because the company previously had said that there would not be any .
Get Up to Speed on...
Get the latest headlines and
company-specific news in our
expanded GUTS section.
Microsoft changed a parameter in how the update services decide whether a system needs the fix for the FrontPage Extensions flaw released in November, Sundwall said. Only systems that run Microsoft's Web server software, Internet Information Service (IIS), are threatened by the flaw, so the company originally decided to patch only Windows XP systems that had the service running. However, in December, the detection code was changed to expand the patch to the majority of Windows XP computers that weren't running the Web server software.
That change resulted in widespread distribution of the fix, Sundwall said. He added that anyone who installed IIS after the November patch would have gotten the fix through the automated update procedure.
"This patch was totally effective, and everyone who needed it got the patch," he said.
The software giant has updated its security bulletin on the flaw to reflect the change.
Microsoft previously said that it would attempt to make its patching process more. The company moved to a fixed to make the process more predictable for network and system administrators.