Microsoft Refuses To Patch Rootkit-Compromised XP Machines

Posted by timothy on Thursday April 15, 2010 @06:48AM from the define-yourself-as-outside-the-fence dept.

Barence writes "Microsoft has revealed that its latest round of patches won't install on XP machines if they're infected with a rootkit. In February, a security patch left some XP users complaining of endless reboots and Blue Screens of Death. An investigation followed and Microsoft discovered the problems occurred on machines infected with the Alureon rootkit, which interacted badly with patch KB977165 for the Windows kernel. Now Microsoft is blocking PCs with the rootkit from receiving its new patches. 'This security update includes package-detection logic that prevents the installation of the security update if certain abnormal conditions exist on 32-bit systems,' Microsoft cautions in the patch notes."

1 of 330 comments (clear)

Min score:

Reason:

Sort:

Order by gmuslera · 2010-04-15 07:06 · Score: 0, Redundant

Couldnt them had included a program to detect and clean that rootkit, then proceed to install the patch instead of just refusing?

Anyway, having a rootkit active means being walking over thin ice. You could clean it, but it could be used to install something that gives a more direct access, and the rootkit could not be required anymore to do what they want with your machine. Backup data and reinstall should be the recommended way of acting unless you are capable to detect the other changes.