Microsoft resumes XP patch distribution; says rootkit remover coming soon

Summary:In mid-February, Microsoft halted automatic distribution of one of its Windows patches, blaming the interaction of the patch with already-present malware on users' systems for a rash of blue-screen-of-death reports among XP users. On March 2, Microsoft began redistributing that patch, MS10-015.

In mid-February, Microsoft halted automatic distribution of one of its Windows patches, blaming the interaction of the patch with already-present malware on users' systems for a rash of blue-screen-of-death reports among XP users.

On March 2, Microsoft began redistributing that patch, and reiterated plans to release in a few weeks a rootkit detector aimed at removing the Alureon rootkit from users systems.

From a note I received from a Microsoft spokesperson:

"Today Microsoft resumed the distribution of MS10-015 to Windows customers through Automatic Update. The bulletin includes added detection logic for consumer and enterprise customers that searches for indications of the Alureon rootkit. If abnormal conditions such as modified operating system files generated by a computer virus associated with the Alureon rootkit are detected, the infected computer is rendered incompatible with MS10-015.

"If detection logic included in Automatic Update discovers abnormal conditions in certain operating system file configurations, the update will fail and customers will be presented with an error message that offers alternative support options. If this occurs, Microsoft customer support will work with impacted customers to resolve each issue.

"IT professionals can run a scanning tool to determine if a computer may be incompatible with MS10-015. If compatible, Microsoft Knowledge Base Article 980966 outlines additional information about deploying this update in a commercial environment."

Microsoft is working on an automated solution to detect and remove Alureon rootkit from affected systems, according to the aforementioned spokesperson, with availability of that detector -- for both consumers and enterprise customers -- expected "in a few weeks."

Topics: Security, Microsoft, Windows

About

Mary Jo Foley has covered the tech industry for 30 years for a variety of publications, including ZDNet, eWeek and Baseline. She is the author of Microsoft 2.0: How Microsoft plans to stay relevant in the post-Gates era (John Wiley & Sons, 2008). She also is the cohost of the "Windows Weekly" podcast on the TWiT network. Got a tip? Se... Full Bio

Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.