Infected XP machines remain unpatched
Posted on 16 April 2010.
To avoid the systems crashes from February, which were triggered by the security updates to the Windows kernel and tied to the fact that the machines were infected by the Alureon rootkit, Microsoft has made some modifications to the security updates released on Tuesday.


The updates will do their job with uninfected Windows XP systems, but will halt installation if they spot that the system is compromised by the rootkit. As Microsoft explained in the notes that follow the issuing of the patch, some "abnormal conditions on a system could be the result of an infection with a computer virus that modifies some operating system files, which renders the infected computer incompatible with the kernel update."

That means that those people whose PCs are infected will not be able to update their system, and I can understand Microsoft not wanting to put people off patching and updating.

I am just a little bit skeptical about the effectiveness of way they are trying to warn their customers about the problem - i.e. when the automatic patching fails, the users are presented with a warning message about why that happened (or, actually, didn't happen), so that they can do something about it - i.e. download a malware removal tool and remove the rootkit.

The problem lies in the users - some will see the message and ignore it, and some will not understand what they should do. On the other hand, there is not much Microsoft can do about it - there is no big red button that the users can press and "make it all better".






Spotlight

Targeted attack protection via network topology alteration

Posted on 17 October 2014.  |  This article from Trend Micro tackles how network topology can aid in defending the enterprise network from risks posed by targeted attacks.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Oct 20th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //