Malware Indeed Responsible for February Patch Tuesday BSOD Problems
Article by George Norman
On 18 Feb 2010
The Microsoft Security Response Center (MSRC) has confirmed that malware is to blame for the BSOD (Blue Screen of Death) issues some Windows XP users have been experiencing after applying the updates from this month’s Patch Tuesday.

“We have been working around the clock with our customers, partners and several teams at Microsoft to determine the cause of these issues. Our investigation has concluded that the reboot occurs because the system is infected with malware, specifically the Alureon rootkit. We were able to reach this conclusion after the comprehensive analysis of memory dumps obtained from multiple customer machines and extensive testing against third party applications and software,” explained MSRC Director Mike Reavey.


During the February ’10 Patch Tuesday, Microsoft released 13 security bulletins (5 critical) that addressed a total of 26 security vulnerabilities in the Windows operating system and Office productivity suite. After getting the update, some Windows XP users started seeing the dreaded BSOD. Microsoft launched an investigation and determined that security bulletin MS10-015 might be to blame.

As the investigation moved on, Microsoft found out that malware might be to blame, not the MS10-015 security bulletin. But at the time they were not exactly sure this was the case. Now the MSRC is sure.

“The restarts are the result of modifications the Alureon rootkit makes to Windows Kernel binaries, which places these systems in an unstable state. In every investigated incident, we have not found quality issues with security update MS10-015. Our guidance remains the same: customers should continue to deploy this month’s security updates and make sure their systems are up-to-date with the latest anti-virus software,” explained Mike Reavey.

If you’re interested in finding out more about security bulletin MS10-015, here are the highlights:

Title: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
Rating: Important
Description: One publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on to the system and then ran a specially crafted application. To exploit either vulnerability, an attacker must have valid logon credentials and be able to log on locally. The vulnerabilities could not be exploited remotely or by anonymous users.
Most likely attack vector: Attacker already able to execute code as low-privileged user escalates privileges.
Affected software: Microsoft Windows.

Tags: Microsoft, Patch Tuesday, Update, Security, Blue Screen of Death, Malware, Alureon rootkit
About the author: George Norman
George is a news editor.