Microsoft Blames Rootkits for Security Update Crashes

Remember when Microsoft's patch for a 17-year-old DOS vulnerability crashed some Windows XP machines? Microsoft says the problem was rootkits, not the security patch.

Earlier this month, Microsoft released a patch for its entire supported line of Windows operating systems—that’d be Windows 2000 all the way through Windows 7—which included a fix for a security vulnerability that had been lurking in its Virtual DOS Machine for some 17 years—a record by almost any standard. The problem was that the security update led to problems on some Windows XP machines: users would install the update, then find themselves faced with the dreaded Blue Screen of Death or an endless cycle of reboots. Some Windows XP users angrily railed against Microsoft for damaging their computers, and Microsoft promptly began looking into the problem. Their verdict? The problems Windows XP users experienced were caused by malware using the Alureon rootkit, not the security update.

“Our investigation has concluded that the reboot occurs because the system is infected with malware, specifically the Alureon rootkit,” wrote Microsoft’s Security Response Center director Mike Reavey, in a blog post. “We were able to reach this conclusion after the comprehensive analysis of memory dumps obtained from multiple customer machines and extensive testing against third party applications and software. The restarts are the result of modifications the Alureon rootkit makes to Windows Kernel binaries, which places these systems in an unstable state.”

Microsoft has determined that 64-bit versions of Windows are not vulnerable to the problem, and so has re-enabled Automatic Updates for those systems. However, Microsoft is still holding off on making the update available to 32-bit systems via Automatic Update.

In the meantime, Microsoft is recommending that users run up-to-date antivirus and security software to confirm their systems aren’t infected by malware before installing any system updates. If users can’t confirm they’ve been able to remove the Alureon rootkit—which does go to a lot of effort to hide itself—Microsoft recommends they back up their important files and data, then completely restore their systems to a re-formatted drive.
