Microsoft readies new rootkit detection tool in light of Windows XP patching problems

Summary: Microsoft is working on a new tool for detecting and removing the Alureon rootkit from Windows users' systems after the company found that Alureon seems to be behind blue-screen problems experienced by some XP users who applied a recent Microsoft security fix.

A week ago, Microsoft officials said they were removing one of the company's Windows patches from the Windows Update pipeline because of reports of blue-screening by some XP users after applying that patch.

On February 17, via the Microsoft Security Response Center (MSRC) blog, the Softies shared the fruits of their investigations of this issue. As my ZDNet blogging colleague Ed Bott had predicted, the blue screening was a result of malware already on users' XP machines. And that seems to be the case, Microsoft officials said -- specifically the Alureon rootkit.

According to the new blog post by MSRC Director Mike Reavey, Microsoft is "working on a simpler solution to detect and remove Alureon from affected systems which should be released in a few weeks." (Other third-party security firms are doing the same, Reavey said.)

There's no update in the new post as to when Microsoft will recommence distributing MS10-015 via automatic update. (I'd think if and when that happens, it will be after Microsoft releases the Alureon rootkit-detection fix.)

Microsoft pulled MS10-015 (KB977165) from Windows Update in early February after reports by users, including some XP users claiming blue-screen-of-death (BSOD) issues seemingly resulting from application of that patch.

Users still having issues they believe may be the result of MS10-015 can obtain free support from Microsoft by going to https://consumersecuritysupport.microsoft.com or by calling 1-866-PCSafety (1-866-727-2338). International customers can find local support contact numbers here: http://support.microsoft.com/common/international.aspx.

Topics: Microsoft, Operating Systems, Security, Software, Windows

About

Mary Jo Foley has covered the tech industry for 30 years for a variety of publications, including ZDNet, eWeek and Baseline. She is the author of Microsoft 2.0: How Microsoft plans to stay relevant in the post-Gates era (John Wiley & Sons, 2008). She also is the cohost of the "Windows Weekly" podcast on the TWiT network.
