Articles
Blogs
Kits
Forums
Two months ago Microsoft released a security update designed to fix two flaws in the Windows kernel. Unfortunately, this update would cause a Blue Screen of Death on many users computers. After some research, it was discovered that a rootkit was the cause of the crashes and Microsoft stopped automatically serving this update.
Microsoft has since restarted distribution of this update only after it had found out a way to block the rootkit-infected computers from receiving the patches.
Jerry Bryant who is a general manager with the Microsoft Security Response Team said the following:
“If detection logic included in Automatic Update discovers abnormal conditions in certain operating system file configurations, the update will fail and customers will be presented with an error message that offers alternative support options,”
While this will prevent the Blue Screen of Death appearing, it will leave users vulnerable to the exploit the update was originally designed to patch. No exploits of this flaw appear to exist in the wild just yet, but Microsoft warns that exploit code is likely to be developed.
“Leaves system vulnerable”, when the systems are ALREADY INFECTED WITH A ROOTKIT???
So you must think the BSOD is really the better choice??? Maybe that is what you are thinking – better a bricked system than an infected one. Sigh.
I don’t see you proposing a better action Microsoft should take. All you have done is bitch, bitch, bitch at Microsoft.
I think you are rude. I have had to control myself at not using worse language to describe my disgust at this article.
How was this article rude? No opinion was given, only facts were stated.
I presume Microsoft should be giving the user some warning that they may be infected but I can see both sides to the argument.
If your plugging a hole that your own shoddy work created in the first place, then its your job to clean up the mess first.
Alternatively, i’m sure there are legal reasons Microsoft can’t just start uninstalling software on your computer. I will personally leave virus removal to, y’know programs that are designed specifically to do the job
I think you need to reread the article Scott, no opinion was given. It was all facts.
As for the action of Microsoft (and this IS opinion now), Microsoft is in an interesting situation. Kill a system with a patch of leave a rootkit on the system AND leave it vulnerable to the kernel exploit. Since infected machines are generally a menace to the internet (becoming botnets, attacking servers, sending spam, spreading more viruses etc.), killing it might be better choice since it alerts the user to the fact that it needs to be fixed.
Anyway, its up to Microsoft what they want to do but as the above poster said, the article is all facts and not of my opinion. I cant even see how it would have been seen as rude?
Yeah…I read this when it was posted on several other tech sites…3 days ago.
Great article. How embarrassing that must be for them.
I think MS took the right approach here–especially if they’re giving the user an alert that says their system is infected. This lets the user keep using their infected system (hopefully just to backup files or something) and then get it fixed asap.
I think Scott needs to take his High Blood Pressure pills cuz he got upset at nuttin but the facts any way great job Bryce