Microsoft retains weapon to silently scrub XP
Will automatically push malware cleanup tool to Windows XP until July 2015
Computerworld - Microsoft will be able to silently reach into Windows XP PCs for more than a year after it stops patching the aged OS to clean malware-infected machines, sources close to the company confirmed Friday.
The Malicious Software Removal Tool (MSRT) will continue to be updated and deployed via Windows Update through July 14, 2015, 15 months after the Redmond, Wash. company serves its final public security patches for XP on April 8 of this year.
By extending the life of the MSRT -- and more importantly, automatically running it each month -- Microsoft will be able to clean some PCs if massive malware outbreaks hit Windows XP after it's retired from support.
MSRT is updated monthly as Microsoft targets one or more major malware families it believes are the biggest current threats. The tool is posted for manual download on Microsoft's website and distributed through the Windows Update service on "Patch Tuesday," the second Tuesday of each month when Microsoft pushes security patches to customers running still-supported editions of Windows. MSRT automatically installs on PCs with Automatic Updates enabled, and then runs a seek-and-destroy mission in the background without any action on the part of the user.
MSRT is not an antivirus program, but rather a cleaning utility designed to eradicate malware that has already snuck onto a Windows PC. The tool was first released in 2005, but was last updated Jan. 14, 2014, when Microsoft added detection and deletion capabilities for the "Bladabindi" malware family.
The extension of MSRT availability was part of the firm's decision earlier this month to offer new anti-malware signatures to XP customers who run the company's free Security Essentials antivirus (AV) software.
Previously, Microsoft said it would stop shipping Security Essentials' signature updates to XP PCs after April 8. But in a tacit nod to XP's widespread use, Microsoft postponed the cut-off until July 14, 2015.
With MSRT, Microsoft will have a weapon at the ready in case widespread malware infections strike XP machines after April 8, something the company has said is likely. If new malware pops up, or an older virus, worm or Trojan horse begins infecting large numbers of Windows XP systems -- perhaps because they exploited a vulnerability that will never be patched -- Microsoft can at least use the MSRT to try to disinfect those PCs.
Extending MSRT's life on XP will not only help customers still running the 13-year-old OS, but is also smart for Microsoft, which could face a public relations backlash if large numbers of compromised Windows XP machines are used by hackers to infect other devices running Vista, Windows 7 and Windows 8.
Windows XP lives
- XPocalypse, not now
- Windows XP hack resurrects patches for retired OS
- Bug bounty program outs 7-month-old IE zero-day
- CA Technologies releases free XP migration tool
- Windows XP's U.S. farewell tour to last most of '14
- Microsoft sticks to vow, leaves XP exposed to ongoing attacks
- Microsoft's Patch Tuesday gives XP attackers a roadmap
- Microsoft: We're serious this time; XP's dead to us
- Windows XP die-hards can slash attack risk by dumping IE
- Hackers now crave patches, and Microsoft's giving them just what they want
- Workload Change: The 70 Percent of Your Business DevOps Forgot Adding WLA early in the development process ensures that the benefits of DevOps accrue for all applications, including your batch services. This paper...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- QA Automation: Reducing Test Execution While Improving Coverage A leading capital investment firm in the US was in need of a comprehensive, cost effective and flexible solution to reduce their existing...
- Turning Insight Into Action: Social Media Intelligence The amount of data produced on social media is staggering - and so is the potential business value for enterprises that know what...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Protecting Critical SaaS Data Before It's Too Late In this webinar, you'll hear how to avoid SaaS data loss through best practices from a panel of experts. All Operating Systems White Papers | Webcasts