Skip the navigation

Microsoft retains weapon to silently scrub XP

Will automatically push malware cleanup tool to Windows XP until July 2015

January 26, 2014 07:04 AM ET

Computerworld - Microsoft will be able to silently reach into Windows XP PCs for more than a year after it stops patching the aged OS to clean malware-infected machines, sources close to the company confirmed Friday.

The Malicious Software Removal Tool (MSRT) will continue to be updated and deployed via Windows Update through July 14, 2015, 15 months after the Redmond, Wash. company serves its final public security patches for XP on April 8 of this year.

By extending the life of the MSRT -- and more importantly, automatically running it each month -- Microsoft will be able to clean some PCs if massive malware outbreaks hit Windows XP after it's retired from support.

MSRT is updated monthly as Microsoft targets one or more major malware families it believes are the biggest current threats. The tool is posted for manual download on Microsoft's website and distributed through the Windows Update service on "Patch Tuesday," the second Tuesday of each month when Microsoft pushes security patches to customers running still-supported editions of Windows. MSRT automatically installs on PCs with Automatic Updates enabled, and then runs a seek-and-destroy mission in the background without any action on the part of the user.

MSRT is not an antivirus program, but rather a cleaning utility designed to eradicate malware that has already snuck onto a Windows PC. The tool was first released in 2005, but was last updated Jan. 14, 2014, when Microsoft added detection and deletion capabilities for the "Bladabindi" malware family.

The extension of MSRT availability was part of the firm's decision earlier this month to offer new anti-malware signatures to XP customers who run the company's free Security Essentials antivirus (AV) software.

Previously, Microsoft said it would stop shipping Security Essentials' signature updates to XP PCs after April 8. But in a tacit nod to XP's widespread use, Microsoft postponed the cut-off until July 14, 2015.

With MSRT, Microsoft will have a weapon at the ready in case widespread malware infections strike XP machines after April 8, something the company has said is likely. If new malware pops up, or an older virus, worm or Trojan horse begins infecting large numbers of Windows XP systems -- perhaps because they exploited a vulnerability that will never be patched -- Microsoft can at least use the MSRT to try to disinfect those PCs.

Extending MSRT's life on XP will not only help customers still running the 13-year-old OS, but is also smart for Microsoft, which could face a public relations backlash if large numbers of compromised Windows XP machines are used by hackers to infect other devices running Vista, Windows 7 and Windows 8.



Our Commenting Policies