david1
Member
|
# Posted: 17 Mar 2010 21:36
Reply
http://blogs.zdnet.com/hardware/?p=7349&tag=col2;t opRated
An update released by Microsoft this month (MS10-015) broke XP machines that were infected with the TDL3 rootkit (also known as TDSS and Tidserv and many other names - more info here).
Well, a rootkit that causes crashes is bad for business, so the hackers had an update out in the matter of hours.
On last Tuesday Microsoft released a number of Windows updates, some of them critical because they fixed a 17 years old bug. After some users updated their Windows operating systems, they got a scaring and really annoying blue screen of death.
Most of those users were angry with Microsoft, but the problem this time is not related to Microsoft. Indeed a number of the users affected by this BSOD was infected by TDL3/TDSS rootkit.
More exactly, TDL3 rootkit looks incompatible with MS10-015 update. This is the cause of the BSOD. Problem resides in the lazyness of rootkit writers when writing the driver infection routine.
...
Good news is that TDL3 authors care about us and they released in a couple hours a new updated version of the rootkit compatible with the Microsoft patch.
It's one big cat and mouse game between the good guys and the bad guys.
|