After some months since the last blog post about the TDL rootkit, we have to come back and write again about this nasty threat that is targeting both 32 bit and 64 bit versions of the Windows operating system, successfully bypassing all the security countermeasures implemented in the 64 bit version of Windows that should prevent the loading of unsigned drivers and every kind of patch to the Windows kernel.
Read more: Prevx link.
Something else I can learn about in my spare time.
This is the first response of the rootkit's authors to Microsoft's KB2506014 patch of a couple of weeks ago. This is a game of move and counter-move, and the latest development is not unexpected. The people who work on this rootkit aren't going to give up, and they are technically extremely capable. This one will run and run ... and the rest of us just have to hope that TDL4 stays away from our system, because the only sure way to get rid of it is to take out your hard drive and drop it down a very deep hole.