Microsoft: Malware the cause of security update BSOD

The recent case in which a security update allegedly triggers a BSOD (Blue Screen of Death) in some Windows PCs has been linked to malware. However, Microsoft was quick to note that it is not ruling out other potential causes at this point in time, saying that investigation on the issue continues.

Jerry Bryant, senior communications manager lead at Microsoft wrote on the Microsoft Security Response Center blog, "In our continuing investigation in to the restart issues related to MS10-015 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior."

In the meantime, other security professionals have implicated the TDSS rootkit as being the catalyst to triggering the BSOD. Kaspersky antivirus researcher Roel Schouwenberg noted that the TDSS kernel rootkit affects the atapis.sys system file, while the MS10-015 security update patches the same file. Schouwenberg said, "The more I look into it, the more plausible it becomes that this is indeed the (main) issue behind the BSOD."

As such, the solution to the BSOD is really to remove the rootkit before installing the security update from Microsoft. In the meantime, a standalone utility created by Kaspersky Lab to remove the TDSS infection can be downloaded here.

For more on this story:
- check out this article at ITPro
- check out this article at Computerworld 

Related Articles:
Latest security patch triggers BSOD in some Windows PCs
Massive Patch Tuesday planned for February 2010
Microsoft issues emergency patch for Internet Explorer
Six security patches in November, says Microsoft
Microsoft plug-in for Firefox patched