Last week, Microsoft issued an update for Windows XP that made them suddenly get the Blue Screen of Death each and every time you tried to boot up. Microsoft had to try pretty hard to figure out what the problem was, and they found out that it wasn’t technically the patch they put out, but it was some malware that was already inside of thousands of users computers!
Windows XP users who were already infected with the Alureon rootkit would be the ones who experienced these crashes, but only after the update from Microsoft was applied.
Microsoft’s Mike Reavey writes on its TechNet blog:
We wanted to provide you with an update on our ongoing investigation into the “blue screen” issues affecting a limited number of customers who installed MS10-015. We have been working around the clock with our customers, partners and several teams at Microsoft to determine the cause of these issues. Our investigation has concluded that the reboot occurs because the system is infected with malware, specifically the Alureon rootkit. We were able to reach this conclusion after the comprehensive analysis of memory dumps obtained from multiple customer machines and extensive testing against third party applications and software. The restarts are the result of modifications the Alureon rootkit makes to Windows Kernel binaries, which places these systems in an unstable state. In every investigated incident, we have not found quality issues with security update MS10-015. Our guidance remains the same: customers should continue to deploy this month’s security updates and make sure their systems are up-to-date with the latest anti-virus software.
Check out Sophos Anti-Virus for removal of the rootkit, or Contact Me if you are in the Naperville area and you aren’t sure what exactly to do.
