Just days after fixing a glitch in one of its enterprise patch-distribution tools, Microsoft said that another of its patching programs has been blocking last week's security updates.

According to a Wednesday post to the Windows Server Update Services (WSUS) blog, some Windows client systems that rely on the free WSUS have been unable to retrieve the June 10 patches.

"Computers that have Office 2003 or components of Office 2003 installed fail to run a detection against a WSUS server that has the latest Office updates," said Cecilia Cole, a WSUS program manager. "This prevents the computers from receiving any updates from the WSUS server."

This is the second time in a week that Microsoft has told customers that its patch software is unable to deploy the newest updates. Those updates, which plugged 10 vulnerabilities in Windows, Internet Explorer (IE) and Bluetooth, were released June 10.

Last week, the company's security team warned corporate users of System Center Configuration Manager (ConfigMgr) 2007, the successor to System Management Server (SMS) 2003, that clients running SMS 2003 wouldn't obtain the June 10 fixes. The problem, said Microsoft Tuesday when it issued a hotfix, was "additional metadata" associated with Microsoft Office 2003 SP1.

Although Cole also linked the WSUS problem to Office 2003 SP1, she didn't say whether it was the same issue that plagued ConfigMgr. "When computers with products related to Office 2003 communicate with a [WSUS] server, the Web service is unable to process the approvals, resulting in the detection failure," she said in a section of the alert tagged as "Root Cause."

Microsoft neither confirmed or denied that the ConfigMgr and WSUS problems stemmed from one bug in Office 2003 SP1.

When asked whether both tools' troubles could be traced to the same source, a company spokesman said by e-mail only that, "Microsoft is actively investigating an issue that a limited number of customers are reporting [that] is affecting the deployment of the June 2008 security updates."

Some users have reported problems with blocked clients on Microsoft's WSUS forum, but they have left too little information to match their troubles with the error messages and log file content that Cole spelled out in her alert. "[WSUS] was working fine, but suddenly all the clients are not communicating with the WSUS server," said one user, identified as "the bull" in a message posted Tuesday. "When I checked, I see the request is sent by the client but WSUS server is not responding."

For more enterprise computing news, visit Computerworld. Story copyright Computerworld, Inc.