Microsoft security patch flaw plugged by hackers

THE AUTHORS of the rootkit that caused 'blue screen of death' (BSOD) crashes on some Windows XP systems have updated the malware so it doesn't do that any longer.

For once the Vole is not directly to blame for the issue. The problem started late last week after Microsoft released its Security Bulletin MS10-015 update. The update just so happened to clash with a TDL3 rootkit and only took down PCs using Windows XP. Microsoft was forced to issue a statement on its tech blog.

The Vole's blog post reads, "In our continuing investigation in to the restart Issues related to MS10-015 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior. We are not yet ruling out other potential causes at this time and are still investigating."

Microsoft still hasn't either confirmed or denied the problem is directly caused by the TDL3 rootkit. This is despite the fact that the BSOD crashes reported on its support forums affect mainly XP users who have installed the MS10-015 security patch. That is a pretty consistent problem.

The malware fix by the rootkit's authors isn't a random act of kindness for XP users. Rootkits are designed to evade detection, so a BSOD on a hacked PC lets the user know that their PC was infected, making it likely they'll clean it up. It also means that the hackers are denied access to the infected systems that crash. µ

• Tweet  
• Facebook  
•  
•  
• Send to  

• Topics
• Developer