The update to kill certificates with shorter, more vulnerable keys, was triggered by the discovery of Flame, a sophisticated espionage tool uncovered by Kaspersky Lab. Flame infiltrated networks, scouted out the digital landscape and used a variety of modules to pilfer information. Among its tricks was one called the "Holy Grail" by researchers: It spoofed Windows Update to infect completely-patched Windows PCs.
Microsoft reacted by throwing the kill switch on three of its own certificates.
"Last chance," said Storms about users' opportunities to apply the update earlier, or block it from arriving on machines via WSUS (Windows Server Update Services). "While we have known for some time that the key update was going out, it's being officially released today," Storms added. "It will applied unless you stop it."
October's seven security updates can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through WSUS.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed. His email address is firstname.lastname@example.org.
Read more about malware and vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.