Microsoft retains weapon to silently scrub XP
Will automatically push malware cleanup tool to Windows XP until July 2015
Computerworld - Microsoft will be able to silently reach into Windows XP PCs for more than a year after it stops patching the aged OS to clean malware-infected machines, sources close to the company confirmed Friday.
The Malicious Software Removal Tool (MSRT) will continue to be updated and deployed via Windows Update through July 14, 2015, 15 months after the Redmond, Wash. company serves its final public security patches for XP on April 8 of this year.
By extending the life of the MSRT -- and more importantly, automatically running it each month -- Microsoft will be able to clean some PCs if massive malware outbreaks hit Windows XP after it's retired from support.
MSRT is updated monthly as Microsoft targets one or more major malware families it believes are the biggest current threats. The tool is posted for manual download on Microsoft's website and distributed through the Windows Update service on "Patch Tuesday," the second Tuesday of each month when Microsoft pushes security patches to customers running still-supported editions of Windows. MSRT automatically installs on PCs with Automatic Updates enabled, and then runs a seek-and-destroy mission in the background without any action on the part of the user.
MSRT is not an antivirus program, but rather a cleaning utility designed to eradicate malware that has already snuck onto a Windows PC. The tool was first released in 2005, but was last updated Jan. 14, 2014, when Microsoft added detection and deletion capabilities for the "Bladabindi" malware family.
The extension of MSRT availability was part of the firm's decision earlier this month to offer new anti-malware signatures to XP customers who run the company's free Security Essentials antivirus (AV) software.
Previously, Microsoft said it would stop shipping Security Essentials' signature updates to XP PCs after April 8. But in a tacit nod to XP's widespread use, Microsoft postponed the cut-off until July 14, 2015.
With MSRT, Microsoft will have a weapon at the ready in case widespread malware infections strike XP machines after April 8, something the company has said is likely. If new malware pops up, or an older virus, worm or Trojan horse begins infecting large numbers of Windows XP systems -- perhaps because they exploited a vulnerability that will never be patched -- Microsoft can at least use the MSRT to try to disinfect those PCs.
Extending MSRT's life on XP will not only help customers still running the 13-year-old OS, but is also smart for Microsoft, which could face a public relations backlash if large numbers of compromised Windows XP machines are used by hackers to infect other devices running Vista, Windows 7 and Windows 8.
Windows XP lives
- Microsoft slashes Windows XP custom support prices just days before axing public patches
- Update: IRS misses XP deadline, will spend $30M to upgrade remaining PCs
- Microsoft Patch Tuesday bids adieu to Windows XP
- FAQ: Good-bye old pal, old paint, Windows XP
- Windows XP: The end is nigh
- How to Support Windows XP Now That Microsoft Isn't
- Microsoft sketches out final Windows XP security updates for next week
- Last-minute lazybones dump Windows XP
- Microsoft returns to scare tactic well in dump-XP campaign
- Microsoft tries to tempt XP diehards with $100 discount on new PCs
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Why You Need a Next-Generation Firewall This white paper explores the reasons for implementing next-generation (NG) firewalls and lays out a path to success for overburdened IT organizations.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Malware and Vulnerabilities White Papers | Webcasts