Microsoft says rootkit caused Windows blue screens
Users may have to reinstall Windows to eradicate the malware
Computerworld - Microsoft late on Wednesday confirmed that a rootkit caused Windows PCs to crash after users applied a security patch issued last week.
Only systems infected with the Alureon rootkit were incapacitated with Blue Screen of Death (BSOD) errors that prevented booting, said Mike Reavey, the director of the Microsoft Security Response Center (MSRC), in an announcement on the center's blog. "Our investigation has concluded that the reboot occurs because the system is infected with malware," said Reavey.
He added that the MS10-015 update was not at fault. "We have not found quality issues with security update MS10-015," Reavey maintained.
Within hours of the Jan. 9 release of MS10-015 and 12 other security updates, users reported that their computers wouldn't restart. Two days later, Microsoft halted automatic distribution of MS10-015 and launched an investigation, which revealed that malware might be the cause.
Yesterday, Reavey echoed independent researchers who earlier had blamed an address conflict between MS10-015 and the rootkit for the debacle. "Malware writers modified Windows behavior by attempting to access a specific memory location, instead of letting the operating system determine the address," explained Reavey. "MS10-015 was downloaded and installed, during which the location of Windows code changed. On the next reboot the malware code crashed attempting to call a specific address in Windows code which was no longer the intended OS function."
MS10-015 patched a 17-year-old bug in the kernel of all 32-bit versions of Windows.
- Microsoft strips some Windows 7 users of IE11 patch privileges
- Windows 7 powers more than half of all PCs
- HP sticks thumb in Microsoft's eye, discounts consumer Windows 7 PCs
- Microsoft retracts Windows 7 PC end-of-sales deadline
- Microsoft ends Windows 7 retail sales
- Microsoft promises IE11 on Windows 7
- Boutique PC seller laughs all the way to the bank on the back of Windows 7
- Microsoft starts auto-installing Windows 7 SP1 on consumer PCs Tuesday
- Microsoft warns of looming retirement for Windows 7 RTM
- Consumer Reports makes case for Windows 7 PCs
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!