The Microsoft Security Response Center has posted a blog entry indicating that it has revoked the update related to Microsoft security bulletin MS10-025 because it does not effectively correct the underlying vulnerability. This vulnerability affects Windows Media Services running on Windows 2000 Server. The blog entry indicates that Microsoft has targeted a re-release of the update for next week.
US-CERT encourages users and administrators to review the Microsoft Security Response Center blog entry and implement the suggested guidance to help mitigate the risks.
US-CERT will provide additional information as it becomes available.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3502 TrueConf Client…