Microsoft today confirmed it was a rootkit that lead to blue screen of death for XP users, following its February Patch Tuesday.
The patch was released on 9 February, and soon after Microsoft's forums were flooded with complaints from XP users whose computers had crashed after the updates were installed.
The software giant suspected it was down to rootkit malware but has only today confirmed the precise details through a blog from Mike Reavey, director of the Microsoft Security Response Centre.
"Our investigation has concluded that the reboot occurs because the system is infected with malware, specifically the Alureon rootkit," he wrote.
"The restarts are the result of modifications the Alureon rootkit makes to Windows Kernel binaries, which places these systems in an unstable state. In every investigated incident, we have not found quality issues with security update MS10-015."
Reavey claimed the malware was not detected by Microsoft testers as it had affected its own test machines leaving them in an unreliable state.
The team is now working on new ways to detect malware issues on affected systems as well as a way of detecting and removing Alureon, which it hopes to launch in the next couple of weeks.
Reavey's blog concluded: "Our guidance remains the same: customers should continue to deploy this month's security updates and make sure their systems are up-to-date with the latest anti-virus software."
