April 17, 2010

Infected Windows Owners Left in the Dark

A rootlet virus is causing some of the updates for Windows XP to not be installed on infected machines.

The virus buries itself deep within the Windows Operating system to avoid detection. 

Microsoft said it has taken action because similar updates issued in February made machines infected with the Alureon rootlet crash repeatedly.

The most recent updates can determine if a system is compromised by the Alureon rootlet and halt installation.

Once Alureon is present, it oversees net traffic and steals user names, passwords and credit card numbers. It also allows attackers a back door entrance into affected computers.

The virus first appeared in 2008, and it has since been spreading through discussion forums, hacked websites and bogus pay-per-click affiliate schemes.

Microsoft said that "abnormal conditions" would prevent XP users applying the updates.

"These abnormal conditions on a system could be the result of an infection with a computer virus that modifies some operating system files, which renders the infected computer incompatible with the kernel update," read the statement.

Microsoft hopes to avoid a repeat of events in February by not applying the patch. In February, many users were left struggling to get their computers working again.

Microsoft also said it wishes to avoid a situation that leaves people wary of updates because they provoke a crash.

It is not yet known exactly how many people have been left without the updates.

Microsoft asked those who were infected to ensure their machine is cleaned of the rootkit. It also urged people using its malware removal tool or using rootlet detectors from the other security companies.

Many security packages today are built-in and will find rootkits when a machine is scanned.


On the Net: