Blue screen reboots after patch could mean malware
- 19 February, 2010 07:45
Redmond announced today it has found the cause of reported rebooting problems after some Windows users installed a recent patch: The systems were infected with malware.
Specifically, the culprit is the Alureon rootkit, a type of stealth malware that's used to hide other malware infections. Rootkits typically change important system files to perform their obfuscation, and in this case Microsoft says those system changes caused major problems after the MS10-015 kernel patch, shipped during the last Patch Tuesday, was installed.
A Microsoft Security Response Center post says that the company first heard of the reboot problems on the 10th, and halted the distribution of MS10-015 via Automatic Updates while it investigated. That research confirmed the problem with the rootkit.
According to the post, the Alureon varieties seen by Microsoft only affect 32-bit systems. Also, problem reports have largely involved Windows XP systems. For that reason, Redmond says it will resume distributing the MS10-015 patch for 64-bit systems via Windows Update.
While I'm more than willing to take Microsoft to task when they screw up, in this case I don't think anyone could hold Redmond at fault here when the root cause is a malware infection. It could even be a good thing, since the only thing worse than dealing with a constantly rebooting system is unknowingly using an infected system and having all your passwords and financial info stolen.
Another post from the Microsoft Malware Protection Center provides some technical details on Alureon, and also notes that the latest varieties of the malware no longer conflict with MS10-015. Also, if your own PC has been constantly rebooting since applying this patch and you think you might be infected with the rootkit, Microsoft says it will provide free technical support at its PC Safety hotline at 1-866-727-2338.