61854 : Microsoft Windows #GP Trap Handler (nt!KiTrap0D) Local Privilege Escalation
http://osvdb.org/61854

Views This Week: 10
Views All Time: 1995
Added to OSVDB: over 2 years ago
Last Modified: about 1 year ago
Modified (since 2008): 11 times
Percent Complete: 25%

Timeline

Disclosure Date: 2010-01-19
Vendor Solution Date: 2010-01-19

Description

(Description provided by CVE, http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-0232): The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka "Windows Kernel Exception Handler Vulnerability."

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Commercial
Disclosure: Vendor Verified

Products

Unknown or Incomplete

References

Tools & Filters

44425

Credit

Unknown or Incomplete

CVSSv2 Score

CVSSv2 Base Score = 6.6
Source: nvd.nist.gov | Generated: 2010-01-22

Access_vector_0 Access_complexity_1 Authentication_1 Confidentiality_impact_2 Integrity_impact_2 Availability_impact_2

Blogs

This section lists the latest news and blogs found via the daylife API (and for older items, the technorati API), which mention or otherwise discuss this vulnerability.

2010/02/18 21:14:32 | Windows Kernel Patch Hobbled by Malware

from: RedmondMag.com

...according to Microsoft, but 32-bit systems can be vulnerable. Microsoft suspended the automatic release of security bulletin MS10-015 through Windows Update but expects to resume delivery after further work. "Microsoft is striving to resolve the issue as quickly...

2010/02/18 13:37:15 | WinXP reboots caused when patch meets malware

from: Houston Chronicle

...an update on our ongoing investigation into the "blue screen" issues affecting a limited number of customers who installed MS10-015. We have been working around the clock with our customers, partners and several teams at Microsoft to determine the cause of...

2010/02/18 18:55:42 | Microsoft says rootkit caused Windows blue screens

from: NetworkWorld

Microsoft late on Wednesday confirmed that a rootkit caused Windows PCs to crash after users applied a security patch issued last week. Only systems infected with the Alureon rootkit were incapacitated with Blue Screen of Death (BSOD) errors that

2010/02/12 16:00:00 | Microsoft says malware causing blue screen crashes

from: NetworkWorld

A hard-to-detect rootkit may be causing Windows XP systems to crash following Microsoft's latest security updates. Windows users began flooding Windows support forums this week, saying that their computers had been rendered unusable with a

2010/02/15 17:08:19 | Restart issues after installing MS10-015? Microsoft wants your help!

from: ZDNet

One of the key components when investigating issues like this are obtaining memory dumps from computers experiencing the problem. In order to get the information we need to fully analyze the issue, some of our support engineers have actually driven to

2010/03/10 07:14:40 | Microsoft rolls out Internet Explorer workaround for zero-day vulnerability, as important issues are addressed on Patch Tuesday

from: SC Magazine

...as opening a malicious Excel document could lead to remote code execution. Finally, Microsoft issued security bulletin MS10-015 that caused a blue screen on systems that were recently patched. Miller said: "Microsoft researched the issue and found a rootkit...

2010/03/04 16:38:02 | Microsoft re-releases Blue Screen of Death fix

from: ZDNet UK

...to crash in February with a Blue Screen of Death. The software maker has re-written the installation package for the update, MS10-015, and will push it out automatically to users. It has written logic into the update to prevent the fix from being installed...

2010/03/03 22:08:08 | Microsoft re-releases update MS10-015

from: Ed Bott's Windows Expertise

...the problem has been resolved and Microsoft has re-released the update: [W]e have revised the installation packages for MS10-015 with new logic that prevents the security update from being installed on systems if certain abnormal conditions exist. Such conditions...

2010/03/03 21:10:46 | Microsoft Reissues Windows Kernel Patch

from: T.H.E. Journal

...consumers and enterprise customers will be available in a few weeks," Bryant said. Microsoft had originally issued the MS10-015 patch to fix a long-unaddressed bug in the Windows kernel that could allow a hacker to elevate access privileges on a hijacked system....

2010/03/02 16:00:00 | Microsoft again pushes patch linked to Windows blue screens

from: NetworkWorld

...Information Assurance Directorate, blasted Microsoft for its sluggish pace. Saying that fixing vulnerabilities can be a competitive advantage for companies, Snow cited MS10-015. "Seventeen years and not yet addressed? Give me a break," said Snow. ...

2010/03/03 03:21:15 | Microsoft Patch Aims to Stop Rootkit

from: Internet.com

...Alureon. If it's found, the user receives a notice that the operating system is "incompatible" with the patch, which is numbered MS10-015, the company said in an e-mail to InternetNews.com. "If detection logic included in Automatic Update discovers abnormal...

2010/03/02 23:27:06 | Microsoft Relaunches Troublesome Windows Update

from: PC Magazine

...the system from booting properly. And then this message: Your computer might not be compatible with Microsoft Security Update MS10-015. Proceeding with installation of the update could prevent your system from starting successfully. For additional information...

2010/03/02 20:56:27 | Microsoft again pushes patch linked to Windows blue screens

from: ComputerWorld

...by MS10-015. It denied that there was any flaw in the security update itself. "Today Microsoft resumed the distribution of MS10-015 to Windows customers through Automatic Update," Jerry Bryant, a senior manager with the Microsoft Security Response Center (MSRC),...

2010/03/02 19:52:40 | Microsoft resumes XP patch distribution; says rootkit remover coming soon

from: ZDNet

...from users systems. From a note I received from a Microsoft spokesperson: “Today Microsoft resumed the distribution of MS10-015 to Windows customers through Automatic Update. The bulletin includes added detection logic for consumer and enterprise customers...

2010/03/02 19:56:15 | Microsoft Puts Problem Update Back Online

from: PC Magazine

... And then this message: Shortly after Microsoft released MS10-015 last month, users started reporting blue-screens and rolling reboots. Microsoft pulled the update, and it quickly emerged that the problem was a certain class of malware on the systems....

2010/02/21 16:34:10 | Microsoft Windows Phone 7 Dominated This Week's Headlines

from: eWeek

...Microsoft Security Response Center. "In every investigated incident, we have not found quality issues with security update MS10-015." Alureon attempts to access a specific memory location; the issue primarily affected 32-bit machines, according to Microsoft....

2010/02/11 11:51:00 | Windows patch cripples XP with blue screen, users claim

from: ComputerWorld

Computerworld - Tuesday's security updates from Microsoft have crippled Windows XP PCs with the notorious Blue Screen of Death (BSOD), users have reported on the company's support forum. Complaints began early yesterday, and gained momentum throughout

2010/02/19 15:09:01 | Malware caused crashes during Windows updates

from: ZDNet UK

...Response Center, wrote in a blog post. "In every investigated incident, we have not found quality issues with security update MS10-015." The patch addresses a vulnerability in the 32-bit Windows kernel that could allow elevation of privilege that was disclosed...

2010/02/18 22:49:45 | Microsoft Confirms Update-Linked BSODs Required Compromised Machines

from: Slashdot

...execute and cause blue screens. Why not? DNA contains bits that will de-evolve you back into a frog or lizard or caveman. If MS10-015 was meant to protect against/fix Alureon infections, then yeah, it doesn't seem unreasonable to ask that it not hose the machine. OTOH,...

2010/02/18 22:57:39 | Malware crashed systems during Windows security updates

from: CNET

...Center, wrote in a blog post. "In every investigated incident, we have not found quality issues with security update MS10-015." The Win32/Alureon family of malware can modify DNS settings, hijack searches, and fraudulently click on ads, Microsoft said in...

2010/02/18 12:30:35 | Microsoft: Malware behind XP update BSoDs/reboots

from: ZDNet

...infected, during which the malware made assumptions as to the layout of the Windows code on the machine. Subsequently MS10-015 was downloaded and installed, during which the location of Windows code changed. On the next reboot the malware code crashed attempting...

2010/02/18 21:06:23 | Blue Screen Reboots After Microsoft Patch Could Mean Malware

from: PC World

...Also, problem reports have largely involved Windows XP systems. For that reason, Redmond says it will resume distributing the MS10-015 patch for 64-bit systems via Windows Update. While I'm more than willing to take Microsoft to task when they screw up, in...

2010/02/18 17:28:25 | Microsoft Confirms Blue Screen of Death Tied to Malware

from: eWeek

...during which the malware made assumptions as to the layout of the Windows code on the machine, he explained. Subsequently MS10-015 was downloaded and installed, during which the location of Windows code changed. On the next reboot, the malware code crashed attempting...

2010/02/18 14:02:40 | Microsoft readies new rootkit detection tool in light of Windows XP patching problems

from: ZDNet

...will be after Microsoft releases the Alureon rootkit-detection fix.) Users still having issues they believe may be the result of MS10-015 can obtain free support from Microsoft by going to https://consumersecuritysupport.microsoft.com or by calling 1-866-PCSafety...

2010/02/18 13:09:33 | Rootkit to blame for Windows fix resulting in blue screen

from: SC Magazine

...block access to certain websites, and redirect searches," according to a Microsoft summary. Microsoft still considers MS10-015 to be a high-priority patch. "Our guidance remains the same," Reavey said. "Customers should continue to deploy this month's security...

2010/02/18 15:05:54 | Microsoft Says Rootkit Caused Windows Blue Screens

from: PC World

...to access a specific memory location, instead of letting the operating system determine the address," explained Reavey. "MS10-015 was downloaded and installed, during which the location of Windows code changed. On the next reboot the malware code crashed attempting...

2010/02/11 17:16:38 | Windows Patch Leaves XP Users With Blue Screen of Death

from: PC World

...for netbooks, or am I essentially screwed for the time being?" asked "HimDen." Several users tentatively identified the MS10-015 update as the one which triggered the BSOD, and claimed that uninstalling that security fix -- which was labeled as KB977165 --...

2010/02/18 12:33:47 | Microsoft says rootkit caused Windows blue screens

from: ComputerWorld

...has concluded that the reboot occurs because the system is infected with malware," said Reavey. He added that the MS10-015 update was not at fault. "We have not found quality issues with security update MS10-015," Reavey maintained. Yesterday, Reavey echoed...

2010/02/18 12:25:06 | Rootkit to blame for Windows Blue Screen of Death

from: InfoWorld

...Data Loss Prevention, which covers the tools and techniques used by experienced security pros. ] He added that the MS10-015 update was not at fault. "We have not found quality issues with security update MS10-015," Reavey maintained. Yesterday, Reavey echoed...

2010/02/18 06:04:25 | The status of KB977165 and MS10-015

from: ComputerWorld

...This seemed confirmed on February 16th when Gregg Keizer of Computerworld wrote "Microsoft has not yet restored the MS10-015 patch to Windows Update, so users can safely download and install all remaining updates issued last week." Turns out, it wasn't...

2010/02/17 14:50:43 | Microsoft security patch flaw plugged by hackers

from: Inquirer

...on its tech blog. The Vole's blog post reads, "In our continuing investigation in to the restart Issues related to MS10-015 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior. We are not...

2010/02/17 17:53:28 | Has the problematic Windows patch been pulled or not?

from: ComputerWorld

...posting has not been updated in the six days since it was written. The patch in question is known as MS10-015 and as KB977165, depending on the context. "Automatic Updates for MS10-015 will remain disabled until our investigation into the restart issues...

2010/02/17 17:01:32 | Microsoft Update Inadvertently Finds Compromised Computers

from: IEEE Spectrum

...the restart issues is complete." Maybe Microsoft would be doing a lot of people a favor by announcing that it was now releasing MS10-015 along with a message stating that if you end up with the BSOD, you are probably infected, along with what to do next. The...

2010/02/16 16:00:00 | Hackers update rootkit causing Windows blue screens

from: NetworkWorld

...to Windows Update, so users can safely download and install all remaining updates issued last week. "Automatic Updates for MS10-015 will remain disabled until our investigation into the restart issues is complete," Jerry Bryant, a senior manager with the Microsoft...

2010/02/16 23:12:35 | Rootkit Authors Issue Patch For Critical Bug

from: PC Magazine

...caused the BSOD was due to the rootkit hard-coding the address of a particular Windows routine, and this address was moved by MS10-015. The rootkit authors had a fix out before too long, but that wasn't enough to save large numbers of users who couldn't boot...

2010/02/16 22:52:03 | Hackers "fix" XP BSoD rootkit

from: ZDNet

...number of the users affected by this BSOD was infected by TDL3/TDSS rootkit. More exactly, TDL3 rootkit looks incompatible with MS10-015 update. This is the cause of the BSOD. Problem resides in the laziness of rootkit writers when writing the driver infection...

2010/02/16 22:04:35 | Hackers update rootkit causing Windows blue screens

from: ComputerWorld

...screen," said Fossi. Schouwenberg noted that rootkit-infected machines running any flavor of Windows will crash when the MS10-015 update is applied. "This affects every version of Windows," he said, including Vista and Windows 7. "The reason why it's been...

2010/02/15 12:55:17 | Malware Cause For Blue Screens After Recent Windows Update

from: GHacks Technology News

...addressed the issue shortly after reports began to appear and revealed that the issues were linked to the patch MS10-015. The company did however mention at this time that it was not clear yet if the patch was the cause for the problems. While that has not...

2010/02/15 17:11:02 | Infection may have triggered Blue Screens of Death

from: ZDNet UK

...on Windows systems, according to the company. "In our continuing investigation into the restart issues related to MS10-015 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behaviour," said a Microsoft...

2010/02/15 09:53:59 | Rootkit blamed for Blue Screen patch update snafu

from: The Register

...our continuing investigation into the restart issues related to MS10-015 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior. We are not yet ruling out other potential causes at this time...

2010/02/13 22:04:41 | Some XP Users Get BSOD After Patch Tuesday, Malware Blamed

from: [H]ard | OCP

Because TDSS uses crafty techniques to hide itself on the operating system, many antivirus programs have a hard time detecting it, said Roel Schouwenberg, a Kaspersky antivirus researcher. "The more I look into it, the more plausible it becomes that

2010/02/13 05:50:12 | Windows XP patch fiasco gets even crazier, Microsoft now scrambling for solutions

from: Engadget

...giant's following quote: Rock, meet hard place. "In our continuing investigation in to the restart issues related to MS10-015 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior. We...

2010/02/12 23:13:42 | Microsoft Affirms BSOD, Halts Windows Patch

from: RedmondMag.com

...malware though." Because of the snafu and pending investigation, Microsoft has temporarily pulled security bulletin MS10-015 from automatic release through Windows Update. However, the patch still remains on Microsoft update sites for administrators to download...

2010/02/12 22:18:19 | Microsoft says malware causing blue screen crashes

from: ComputerWorld

...researcher. "The more I look into it, the more plausible it becomes that this is indeed the (main) issue behind the BSOD. MS10-015 is a kernel update with atapi.sys containing the extremely advanced TDSS kernel rootkit," he said via instant message. "Microsoft...

2010/02/13 00:36:45 | Microsoft’s latest patch gives XP users the gift of BSOD

from: Gadgetell

...and unusable systems. The company’s support forums have been flooded with complaints from angry users since the release of MS10-015. “I updated 11 Windows XP updates today and restarted my PC like it asked me to,” said a user identified as “tansenroy” who...

2010/02/12 19:42:29 | Malware might be cause of Restart Issues MS10-015

from: Bink.nu

... One of the key components when investigating issues like this are obtaining memory dumps from computers experiencing the problem. In order to get the information we need to fully analyze the issue, some of our support engineers have actually driven to cus...

2010/02/12 15:11:24 | Microsoft removes patch from Windows Update

from: SC Magazine

Microsoft has stopped offering one of its recent patches, MS10-015, through Windows Update because a "limited number of users" are having difficulty restarting their computers after installing the fix, Jerry Bryant, senior security communications

2010/02/09 16:00:00 | Microsoft delivers huge Windows security update

from: NetworkWorld

For the second time in the last four months, Microsoft today shipped a record 13 security updates that patched dozens of vulnerabilities in Windows. The 26 flaws fixed today were off the record of 34 set in October 2009 when Microsoft last issued 13

2010/02/12 14:14:27 | The Latest Security Patch from Microsoft Cripples Windows XP with Blue Screen Of Death

from: Simple Thoughts

...of the netbooks lack any optical drive. So, they can not be booted from CD or DVD. Many users tentatively found that the MS10-015 update is the one which triggered the BSOD, and claimed that uninstalling that security fix which was labeled as KB977165, brings...

2010/02/12 19:12:24 | Microsoft Pulls Patch that Causes Blue Screen of Death

from: PC World

...of the now-missing MS10-015 with an automated workaround that disables the vulnerable NT Virtual DOS Mode (NTVDM) subsystem. MS10-015 quashed a pair of 17-year-old kernel bugs in all 32-bit versions of Windows. The vulnerability went public three weeks ago...

2010/02/12 12:19:01 | Microsoft stops serving Window patch blamed for blue screens

from: ComputerWorld

...on the update problem. Not surprisingly, rumors began circulating about possible causes of the apparent conflict between the MS10-015 update and some, though certainly not all, Windows XP machines. One making the rounds ended up on the support thread: "Is...

2010/02/12 11:04:29 | Microsoft Addresses Windows Restart Issues

from: GHacks Technology News

...the Senior Security Communications Manager, states that Microsoft has not yet "confirmed that the issue is specific to MS10-015" as it could also be an "interoperability problem with another component or third-party software". Microsoft has pulled the security...

2010/02/12 11:22:49 | Windows update causes blue screen of death

from: Inquirer

...issue occurs after installing update MS10-015 (KB977165). However the Vole refuses to confirm that the issue is specific to MS10-015 or if it is an interoperability problem with another component or third-party software. "Our teams are working to resolve this...

2010/02/12 10:45:37 | Microsoft security patch brings BSOD misery for XP users

from: PC Pro

...the cause of the complaints, users have narrowed the problem to update KB977165, described by Microsoft as "MS10-015: Vulnerabilities in Windows kernel could allow elevation of privilege". The patch was intended to address a 17-year-old kernel bug present...

2010/02/12 10:04:52 | NEWS: XP patch brings blue screen misery

from: Pocket Lint

...optical drive, however - which will affect a growing number of netbook users. Other users have said that uninstalling patch MS10-015, labelled as KB977165, brought their computer back to life. The patch fixes a kernel bug that allows an attack on a Windows...

2010/02/12 10:18:56 | Restart issues after installing MS10-015

from: Bink.nu

...address this issue, customers who choose not to install the update can implement the workaround outlined in the bulletin. CVE-2010-0232 was publicly disclosed and we previously issued Security Advisory 979682 in response. Customers can disable the NTVDM subsystem...

2010/02/11 16:51:10 | Microsoft looks into patch installation problem

from: SC Magazine

...the so-called blue screen of death when they attempt to restart. The potentially broken patch reportedly is bulletin MS10-015, which repairs privilege-escalation vulnerabilities in the Windows kernel. — DK This material may not be published, broadcast, rewritten...

2010/02/12 01:57:25 | Microsoft Investigating Windows Blue Screen of Death Reports

from: eWeek

...to Microsoft, the issue appears to be related to MS10-015, but it has not been determined if it is specific to MS10-015 or if it is an interoperability problem with another component or third-party software. The bulletin addresses two Windows Kernel privilege...

2010/02/11 16:27:49 | Windows patch cripples XP with blue screen, users claim

from: NetworkWorld

Tuesday's security updates from Microsoft have crippled Windows XP PCs with the notorious Blue Screen of Death (BSOD), users have reported on the company's support forum. Complaints began early yesterday, and gained momentum throughout the day. "I

2010/02/11 16:48:51 | MS update gives some XP boxes the Blue Screen

from: The Register

...from Microsoft can cause Windows XP machines to crash with the infamous blue screen of death. Updating systems with the MS10-015 bulletin, which addresses "important" vulnerabilities in Windows Kernel, can cause machines to lock up when restarted before falling...

2010/02/11 12:29:52 | Windows patch cripples XP with blue screen, users claim

from: ComputerWorld

...and claimed that uninstalling that security fix -- which was labeled as KB977165 -- returned their PC to working condition. MS10-015, one of 13 security updates Microsoft issued Tuesday, patched a 17-year-old kernel bug in all 32-bit versions of Windows. The...

2010/02/10 14:48:27 | Microsoft Security Updates February 2010

from: GHacks Technology News

...all supported editions of Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008 Microsoft Security Bulletin MS10-015 – Important – Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165) – This security update resolves...

2010/02/09 23:52:00 | Microsoft Plugs 26 Vulnerabilities With 13 Patches In Record Update

from: Channel Web

...the vulnerabilities, proof-of-concept exploit code exists for two vulnerabilities addressed by Microsoft bulletin MS10-015, addressing errors designated as "important" in the Windows Kernel that could enable elevation of privileges if an attacker logged onto...

2010/02/09 22:16:38 | Critical Windows Fixes For DirectShow, Network-based Attacks

from: PC World

...as top priority by the MSRC post because of publicly available proof-of-concept attack code. The vulnerability fixed by MS10-015 allows a logged-in user to run a "specially crafted application" to gain additional privileges on a system. Such privilege escalation...

2010/02/09 20:12:29 | Microsoft delivers huge Windows security update

from: ComputerWorld

...2008's Hyper-V virtualization software; the Windows kernel; and other bits and pieces of Windows. The kernel update, MS10-015, patched the 17-year-old bug in all 32-bit versions of Windows that went public Jan. 19 when a Google engineer disclosed the vulnerability...

2010/02/10 06:50:06 | Microsoft releases first heavy batch of bulletins on the second Patch Tuesday of 2010

from: SC Magazine

...earn this vulnerability close intense scrutiny by the hacker community. Microsoft also recommends prioritising MS10-008 and MS10-015.” The MS10-013 patch addresses a vulnerability in Microsoft DirectShow where a specially crafted AVI file leads to remote execution...

2010/02/09 22:03:12 | Microsoft Fixes Windows Security Vulnerabilities in Patch Tuesday Update

from: eWeek

...Server 2003. MS10-008 is a remote code execution vulnerability in the Microsoft Data Analyzer ActiveX Control, while MS10-015 fixes two privilege escalation bugs in the Windows Kernel. Though the Windows Kernel bulletin is rated important and not critical, it...

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2012 Open Source Vulnerability Database (OSVDB), All Rights Reserved.