Microsoft is seeking to avoid a repeat of February's blue-screen problems with this month's bumper crop of Patch Tuesday patches. After installing the February updates, some users of Windows XP found their systems wouldn't boot. After investigation, this turned out to be due to an interaction between the Alureon rootkit and the patch for KB977165 which updates the Windows kernel. Microsoft has subsequently released tools that attempt to detect the rootkit and prevent installation of the patch if a machine appears compromised.
This month's patches also contain kernel updates, and so have the same incompatibility with the rootkit. As the bulletin for MS10-021 states, 'This security update includes package detection logic that prevents the installation of the security update if certain abnormal conditions exist on 32-bit systems. These abnormal conditions on a system could be the result of an infection with a computer virus that modifies some operating system files, which renders the infected computer incompatible with the kernel update.'
Read the comments on this post
"
