Microsoft has confirmed that the Blue Screen of Death issue reported last week on Windows machines is caused by a rootkit.

According to Microsoft, Windows systems infected with Alureon were hit with Blue Screen of Death errors that prevented computers from booting after the user downloaded Microsoft patch MS10-015.

“The restarts are the result of modifications the Alureon rootkit makes to Windows Kernel binaries, which places these systems in an unstable state,” blogged Mike Reavey, director of the Microsoft Security Response Center. “In every investigated incident, we have not found quality issues with security update MS10-015.”

The update patched two vulnerabilities affecting the Windows Kernel, and was one of 13 security bulletins issued Feb. 9 as part of Patch Tuesday. As reports of the problem came in, speculation began to center on malware being the root cause.

According to Reavey, Alureon modifies Windows behavior by attempting to access a specific memory location instead of letting the operating system determine the address as it normally does when an executable is loaded.

“The chain of events in this case was a machine became infected, during which the malware made assumptions as to the layout of the Windows code on the machine,” he explained. “Subsequently MS10-015 was downloaded and installed, during which the location of Windows code changed. On the next reboot, the malware code crashed attempting to call a specific address in Windows code which was no longer the intended OS function.”

The versions of Alureon found to be causing the problem only infected 32-bit systems, according to Microsoft.

“A malware compromise of this type is serious, and if customers cannot confirm removal of the Alureon rootkit using their chosen anti-virus/anti-malware software, the most secure recommendation is for the owner of the system to back up important files and completely restore the system from a cleanly formatted disk,” Reavey stated.

Reader Comments: Microsoft Confirms Blue Screen of Death Tied to Malware

BSOD
Microsoft itself is one Big BSOD! Leaving user unprotected not implementing security technology available today spying on user. And Why? (MS invented...
Posted At: 05-18-10 By: Steve

Blue Screen Fix
The blue screen started on my wife's computer 6 months ago (Dell Studio 17, from Best Buy). After weeks of working on the problem I noticed that...
Posted At: 02-22-10 By: Anonymous

Malware
If your antivirus and anti-Trojan software is on guard, and you have the manufacturer's Live One Care to keep the home neat and you see the blue screen...
Posted At: 02-20-10 By: kiteboss

A user comment on this article
Glad I have nothing to do with you or your company since it would appear you CAN'T EVEN READ! The article said nothing of the sort - the patch did...
Posted At: 02-20-10 By: Anonymous

who trusts Microsoft for security
Great when a security patch creates an opening for malware and the spokesperson's recommendation is to reformat the affected drive and do a fresh...
Posted At: 02-19-10 By: Bruce