Infected XP machines remain unpatched
Posted on 16 April 2010.
To avoid the systems crashes from February, which were triggered by the security updates to the Windows kernel and tied to the fact that the machines were infected by the Alureon rootkit, Microsoft has made some modifications to the security updates released on Tuesday.


The updates will do their job with uninfected Windows XP systems, but will halt installation if they spot that the system is compromised by the rootkit. As Microsoft explained in the notes that follow the issuing of the patch, some "abnormal conditions on a system could be the result of an infection with a computer virus that modifies some operating system files, which renders the infected computer incompatible with the kernel update."

That means that those people whose PCs are infected will not be able to update their system, and I can understand Microsoft not wanting to put people off patching and updating.

I am just a little bit skeptical about the effectiveness of way they are trying to warn their customers about the problem - i.e. when the automatic patching fails, the users are presented with a warning message about why that happened (or, actually, didn't happen), so that they can do something about it - i.e. download a malware removal tool and remove the rootkit.

The problem lies in the users - some will see the message and ignore it, and some will not understand what they should do. On the other hand, there is not much Microsoft can do about it - there is no big red button that the users can press and "make it all better".






Spotlight

The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //