"The restarts are the result of modifications the Alureon rootkit makes to Windows Kernel binaries, which places these systems in an unstable state," Mike Reavey, director of the Microsoft Security Response Center, wrote. "In every investigated incident, we have not found quality issues with security update MS10-015."
Until a solution is available, Microsoft will not offer the patch for 32-bit Windows through Automatic Updates, but will offer it for 64-bit systems.
"A malware compromise of this type is serious, and if customers cannot confirm removal of the Alureon rootkit using their chosen anti-virus/anti-malware software, the most secure recommendation is for the owner of the system to back up important files and completely restore the system from a cleanly formatted disk," Microsoft said.
The Win32/Alureon malware makes changes to DNS settings and hijacks user searches. It also makes fraudulent "clicks" on advertisements.
Written by: James Delahunty @ 20 Feb 2010 5:35