Microsoft has pulled a fix for a flaw affecting Windows 7 and Windows Server 2008, following the discovery of "unexpected behaviour" associated with it.
Microsoft announced the move in a revision on its threat advisory, just days after releasing the fix. The "behaviour" associated with the fix remains unknown, although Microsoft recommends uninstalling it as soon as possible.
"Microsoft recommends that customers experiencing issues uninstall this update. Microsoft is investigating behaviour associated with this update, and will update the advisory when more information becomes available," read the advisory.
The flaw relates to Windows 7 and Windows Server 2008's use of the SHA-1 hashing algorithm which, according to Microsoft, is leaving customers open to attack.
"The root cause of the problem is a known weakness of the SHA-1 hashing algorithm that exposes it to collision attacks. Such attacks could allow an attacker to generate additional certificates that have the same digital signature as an original," read the advisory.
"These issues are well understood and the use of SHA-1 certificates for specific purposes that require resistance against these attacks has been discouraged."
The Windows 7 and Windows Server 2008 fix is one of many Patch Tuesday updates pulled by Microsoft in recent years.
Microsoft pulled an ‘important' Windows kernel security fix in August less than a week after releasing it, following reports that it was crashing computers.
The latest pulled fix was one of many updates released during Microsoft's October update.
Microsoft released three critical fixes addressing flaws in Windows, Windows .Net framework and Internet Explorer, some of which are being actively exploited by hackers in the wild, alongside the Windows 7 and Server 2008 update.
