Rootkits are taking over Windows XP SP2 Machines

According to a recent report on eweek, more than 20% of malware found on machines are stealth rootkits.



Jason Garms, architect and group program manager in Microsoft's Anti-Malware Technology Team, said the open-source FU rootkit ranks high on the list of malicious software programs deleted by Microsoft's monthly Anti-Virus update. The rootkits are being detected and removed from Windows XP (gold) versions but infection rates on XP SP1 and XP SP2 machines are also high.

The Ispro rootkit, for example, was prevalent on 50 percent of all Windows XP machines without a service pack. About 20 percent of all scans of machines running XP SP1 and SP2 also found the rootkit.

The Netsky mass-mailing worm is the fourth most prevalent piece of malware removed by Microsoft this year, while worms like Kelvir and Lovgate were removed from 40 percent of all XP SP2 machines that ran the tool.

Kelvir is a family of worms that uses social engineering tactics to spread through MSN Messenger or Windows Messenger. The Lovgate worm and its mutants also use clever text in spammed e-mails to trick users into executing a malicious attachment.
View: Eweek Article


View: Microsoft Anti-Spyware

Report a problem with article
Previous Story

IE7 Public Beta Due Early '06

Next Story

Todays Microsoft Technical Chats

0 Comments - Add comment