Infected XP machines remain unpatched
Posted on 16 April 2010.
Bookmark and Share
To avoid the systems crashes from February, which were triggered by the security updates to the Windows kernel and tied to the fact that the machines were infected by the Alureon rootkit, Microsoft has made some modifications to the security updates released on Tuesday.


The updates will do their job with uninfected Windows XP systems, but will halt installation if they spot that the system is compromised by the rootkit. As Microsoft explained in the notes that follow the issuing of the patch, some "abnormal conditions on a system could be the result of an infection with a computer virus that modifies some operating system files, which renders the infected computer incompatible with the kernel update."

That means that those people whose PCs are infected will not be able to update their system, and I can understand Microsoft not wanting to put people off patching and updating.

I am just a little bit skeptical about the effectiveness of way they are trying to warn their customers about the problem - i.e. when the automatic patching fails, the users are presented with a warning message about why that happened (or, actually, didn't happen), so that they can do something about it - i.e. download a malware removal tool and remove the rootkit.

The problem lies in the users - some will see the message and ignore it, and some will not understand what they should do. On the other hand, there is not much Microsoft can do about it - there is no big red button that the users can press and "make it all better".






Spotlight

Attackers use reflection techniques for larger DDoS attacks

Posted on 17 April 2014.  |  Instead of using a network of zombie computers, newer DDoS toolkits abuse Internet protocols that are available on open or vulnerable servers and devices. This approach can lead to the Internet becoming a ready-to-use botnet for malicious actors.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Apr 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //