Microsoft Update Inadvertently Finds Compromised Computers

Malware Purveyors Scramble to Hide From Blue Screen of Death

1 min read
Microsoft Update Inadvertently Finds Compromised Computers

Last week, Microsoft released a record of 13 patches to fix 26 vulnerabilities in Windows and Office. Of the 13, eleven were aimed at addressing problems in Windows.

Soon after the patches were released, reports started coming in from Windows XP users that one of the fixes, MS010-15 aka KB977165, was causing the dreaded "Blue Screen of Death" upon rebooting their machines. Microsoft suspended that patch while it investigated the problem.

Late last week, Symantec said that the BSOD was most likely caused by a rootkit that had infected the users' computers, and gave instructions on how to boot back up and what to do to clear out the rootkit.

In yesterday's ComputerWorld, there was a story about how the rootkit developers are now rushing to update their malware to try and not create a BSOD situation on a person's PC when Microsoft releases the patch again which would alert the person to the fact that they had an infected computer.  

ComputerWorld quotes a Microsoft spokesperson as saying, "Automatic Updates for MS010-015 will remain disabled until our investigation into the restart issues is complete."

Maybe Microsoft would be doing a lot of people a favor by announcing that it was now releasing MS10-015 along with a message stating that if you end up with the BSOD, you are probably infected, along with what to do next.

The longer Microsoft waits, the more time it gives hackers to update their rootkit software to hide that they are there.

The Conversation (0)