Microsoft refuses to patch infected Windows XP machines

Detection

Software giant will leave machines unpatched if it detects they're infected with a rootkit, in an effort to prevent BSODs

Microsoft has revealed that its latest round of patches won't install on XP machines if they're infected with a rootkit.

Back in February, a security patch left some XP users complaining of endless reboots and Blue Screens of Death. An investigation followed and Microsoft discovered the problems occurred on machines infected with the Alureon rootkit, which interacted badly with patch KB977165 for the Windows kernel.

Microsoft's latest patches also contain kernel updates, and in an effort to avoid a repeat performance, the company has prevented the patches from installing on infected machines.

This security update includes package detection logic that prevents the installation of the security update if certain abnormal conditions exist

"This security update includes package-detection logic that prevents the installation of the security update if certain abnormal conditions exist on 32-bit systems," Microsoft cautions in the patch notes.

"These abnormal conditions on a system could be the result of an infection with a computer virus that modifies some operating system files, which renders the infected computer incompatible with the kernel update," it concludes.

As Microsoft has noted, while the solution prevents users from suffering the misery of Blue Screens of Death, it does leave them unprotected and the company has urged users to download its Malicious Software Removal Tool to clean up their machines and run the patch as soon as possible.

Read more

News