
Microsoft: Malware Causes XP's MS10-15 BSOD

Source: Tom's Hardware US

That pesky malware is always up to no good.

Thursday we reported that many Windows XP users were experiencing the Blue Screen of Death after installing Microsoft's latest batch of security updates. Security blogger Brian Krebs pinned the problem to MS10-15, a security update that addresses a 17-year-old kernel bug in all 32-bit versions of Windows XP. Users suffering the BSOD after installing the update were told to boot from the original Windows XP installation disc and fix the OS in the Recovery Console.

On Thursday, Microsoft acknowledged the problem, as stated in this blog; however, at the time the Redmond company could not verify whether the issue was specific to MS10-15 or was an interoperability problem with another component or third-party software. Microsoft pulled the patch from Windows Update until it could determine the source of the BSOD issue.

On Friday, however, the Microsoft Security Response Center (MSRC) issued a report stating that malware installed on the affected systems was causing problems with the MS10-15 security patch. The MSRC team said that the BSOD issue is still under investigation and that it has not yet ruled out other potential causes. Consumers experiencing the BSOD issue are asked to submit memory dumps if possible.

"In order to get the information we need to fully analyze the issue, some of our support engineers have actually driven to customer locations and picked up affected systems so we can get the needed crash data directly and help inform our investigation," the MSRC report said.

Microsoft customers were also advised to keep anti-virus software running and up-to-date in order to help prevent malware infections.

  • 1
    Anonymous, February 12, 2010 9:48 PM
    There is a rootkit going about computers lately; I have seen over 10 in the last week. It infects either atapi.sys or the storage controller driver, i.e. SISraid.sys, Iastor.sys, etc., and causes the system to blue screen with a 7E error, which is usually related to hard drive corruption or corrupted drivers. It's quite possible that a computer is infected before the patch, and installing the patch interferes with the harmony the rootkit has with the system. Could also be a combination of things.
  • 4
    mayne92, February 12, 2010 9:54 PM
    So in other words... dumb consumers are still using the broken condoms of anti-malware... McAfee and Norton...
  • 1
    jhansonxi, February 12, 2010 10:59 PM
    Sounds like the fanboy "theory" that malware writers weren't aware of and using this 17-year-old undocumented hole was BS. Another fine counter-example of security by obscurity.
  • 5
    XD_dued, February 13, 2010 12:36 AM
    Hm... I'm running 4 comps with XP here, all fine with the update.
  • -3
    randomizer, February 13, 2010 4:16 AM
    It takes them 17 years to patch this exploit and when they finally do it they screw up. Do they need a century to get it right?
  • -5
    ossie, February 13, 2010 4:37 AM
    micro$uxx at its finest... if you still didn't get it, it's an (unwilling) feature to discover unknown malware, not a bug. m$ never makes mistakes, others are always to blame - especially those duped to use m$ crap. Just wintarded m$ fankiddies drool in awe at every "innovation" dumped out from redmond, and windblow's legendary "reliability", "security", "interoperability", and "compatibility", trumpeted non-stop by m$ marketingdroids, and the m$m shills.
    randomizer: It takes them 17 years to patch this exploit and when they finally do it they screw up. Do they need a century to get it right?

    they never will... it's plain futile. Just another link in the never ending chain... of "innovation".
  • 0
    Anonymous, February 13, 2010 5:49 AM
    One word... Ubuntu.
    Yes. I do have a win7 PC, purely for games. It is for this exact reason I've jumped to the Linux camp.
  • 3
    Niva, February 13, 2010 12:27 PM
    Oh come on, I'm an avid Linux user and I only use Windows for Photoshop and very occasional games these days but seriously... all OSs have security problems including Linux. Why doubt what MS is saying? I applied the security patches to my machine and it didn't BSOD/crater, I guess that branch of malware was not on my system. I believe them on this.
  • -4
    Anonymous, February 14, 2010 1:06 AM
    Well, at least the brakes work on Microsoft. If a car had 'Windows', blah, blah, blah.
  • 0
    jlyu, February 14, 2010 2:59 AM
    This happened to me on my Windows 7 Ultimate... my atapi.sys was infected, but I didn't want to delete it because they say deleting it causes the computer to not start.

    I just clean installed my Windows 7 and all the updates installed correctly.

    It was from me downloading and installing an exe that was corrupted with a virus.
  • 0
    brantdk, February 15, 2010 6:13 AM
    I have seen this problem on both Vista and Windows 7. I could fix the problem on Vista but a clean install was needed for the Win 7...
  • -1
    neiroatopelcc, February 15, 2010 7:12 AM
    Sh1t happens! Move on!
  • 0
    brantdk, February 15, 2010 7:49 AM
    Yep Sh1t happens... but not good if you have to reinstall 100s of workstations in a company... MS has to test their "Sh1t" before sending it out to millions. "Sh1t happens" is too easy.
  • 0
    neiroatopelcc, February 15, 2010 9:37 AM
    brantdk: Yep Sh1t happens... but not good if you have to reinstall 100s of workstations in a company... MS has to test their "Sh1t" before sending it out to millions. "Sh1t happens" is too easy.

    If you have 100s of workstations you also have a WSUS and procedures for testing patches before they enter production systems. So in that case you wouldn't have the problem in the first place.