Malware Indeed Responsible for February Patch Tuesday BSOD Problems
The Microsoft Security Response Center (MSRC) has confirmed that malware is to blame for the BSOD (Blue Screen of Death) issues some Windows XP users have been experiencing after applying the updates from this month’s Patch Tuesday.
“We have been working around the clock with our customers, partners and several teams at Microsoft to determine the cause of these issues. Our investigation has concluded that the reboot occurs because the system is infected with malware, specifically the Alureon rootkit. We were able to reach this conclusion after the comprehensive analysis of memory dumps obtained from multiple customer machines and extensive testing against third party applications and software,” explained MSRC Director Mike Reavey.
During the February ’10 Patch Tuesday, Microsoft released 13 security bulletins (5 critical) that addressed a total of 26 security vulnerabilities in the Windows operating system and Office productivity suite. After getting the update, some Windows XP users started seeing the dreaded BSOD. Microsoft launched an investigation and determined that security bulletin MS10-015 might be to blame.
As the investigation moved on, Microsoft found out that malware might be to blame, not the MS10-015 security bulletin. But at the time they were not exactly sure this was the case. Now the MSRC is sure.
“The restarts are the result of modifications the Alureon rootkit makes to Windows Kernel binaries, which places these systems in an unstable state. In every investigated incident, we have not found quality issues with security update MS10-015. Our guidance remains the same: customers should continue to deploy this month’s security updates and make sure their systems are up-to-date with the latest anti-virus software,” explained Mike Reavey.
If you’re interested in finding out more about security bulletin MS10-015, here are the highlights:
Title: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
Rating: Important
Description: One publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on to the system and then ran a specially crafted application. To exploit either vulnerability, an attacker must have valid logon credentials and be able to log on locally. The vulnerabilities could not be exploited remotely or by anonymous users.
Most likely attack vector: Attacker already able to execute code as low-privileged user escalates privileges.
Affected software: Microsoft Windows.
Tags: Microsoft, Patch Tuesday, Update, Security, Blue Screen of Death, Malware, Alureon rootkit