Microsoft blames XP update crashes on malware
Microsoft says Windows XP computers crashing after last week’s security update may be down to a well-concealed piece of malware. Though they haven’t given many details, it has been linked it to a notorious rootkit named Tdss.
The problems began after an update attempted to fix a security loophole dating right back to 1993 and the switch from 16-bit to 32-bit systems. Since the update, some XP users have reported seeing the dreaded “blue screen of death” when attempting to restart their machines.
The firm issued a solution for fixing the problem using a recovery disk, though one of our readers is among those who report this doesn’t necessarily work. Microsoft says customers still experiencing problems and finding themselves unable to rectify their machines should contact 1-866-727-2338 (or visit http://support.microsoft.com/common/international.aspx for international help numbers.)
Microsoft now says of the problem’s origins that “we have determined that malware on the system can cause the behavior. We are not yet ruling out other potential causes at this time and are still investigating.” The firm has even sent staff to view affected machines in person to try to learn more about the causes.
Though the firm hasn’t confirmed it, a security blogger named Patrick Barnes believes the update is somehow triggering a piece of malware into action. He says the infected file is %System32\drivers\atapi.sys and that computer experiencing this problem can be fixed by replacing this file, though that’s a solution best carried out by those with a decent level of knowledge and confidence.
The infection in question appears to be related to the rootkit “Tdss”. A rootkit is a system made up of one or more programs which work specifically to hide the fact that a computer has been accessed. By itself it doesn’t automatically damage a computer, but it makes it much easier for a hacker to access a machine and run malicious software without detection.
Related Posts:
February 15th, 2010
As trivial as it is to recover atapi.sys, shame this article couldn’t provide the few simple steps to do so. Lazy.
February 18th, 2010
thanks blorge, no help on how to stop this??
February 21st, 2010
ez fix. install windows 7. 1000 times better then vista and xp. and everything is compatable on it unlike vista. other wise do a new xp install on pc without formatt. just install in new dir or windows folder so you can still access your old files and folders. and turn automatic updates off.