Microsoft Releases Blue Screen Rootkit Detection Tool - gHacks Tech News

Microsoft Releases Blue Screen Rootkit Detection Tool

Last month's Microsoft security updates have caused some controversy over a single patch in the pack that was first thought to cause blue screens on some computer systems.

It later turned out that the patch was only indirectly responsible for the blue screen; a rootkit that had altered some files of the operating system was causing it after all.

Some computers may not be compatible with security update 977165. This issue usually occurs when a computer is infected with a virus that changes certain Microsoft operating system files. In these cases, after you install the security update 977165, the computer may restart repeatedly.

The solution back then was to clean the computer system first by running up to date rootkit detection software before installing the security patch.

Two updates have been released by Microsoft which are both useful to users affected by the issue, and users who have not experienced it but have not installed the security update yet.

blue screen rootkit

The patch has been redesigned by Microsoft to block the patching if "abnormal" conditions exist which in this case means altered files on the computer caused by the rootkit.

If these conditions are detected, the update will not be installed and the result will be a standard Windows Update error.

Microsoft has furthermore released a fix it script that can be used to determine if a computer system is compatible with the security update that is described in the security bulletin MS10-15.

The fix it solution can be downloaded here. It is recommended to run it first before trying to install the security patch. The Fix It solution will only report if the patch can be installed without difficulty by checking for issues that prevent it from being applied properly on target systems. Again, it seems to check for modified files on the system by the rootkit.

It will however not resolve the issue if it returns negative. This means that it can be used to find out if the update can be installed on the system properly, or if issues would arise.

Microsoft released a tool for system administrators and IT professionals that enables them to run an enterprise-wide compatibility assessment. Download of the tool is also provided on the fit it solution website.

Microsoft Security Essentials will detect and remove the rootkit responsible for the blue screens that appear after installing the patch on the operating system. Other security software may also detect the rootkit and remove it from the operating system.

Summary
Microsoft Releases Blue Screen Rootkit Detection Tool
Article Name
Microsoft Releases Blue Screen Rootkit Detection Tool
Description
Microsoft released a so-called Fix It program for Windows that determines whether security patch 977165 can be installed on the system.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

    Leave a Reply

    Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

    Please note that your comment may not appear immediately after you post it.